I have an application we bought that I need to integrate, and it uses jakarta connection to get to the application from IIS.So, the basic operation is
View 1 RepliesI am working on a site that uses windows authentication, but I have one page for password resets that I want to allow anonymous access to.I have tried doing authorization, allow users="*", but it doesn't appear to work with this.Do I need to have another seperate site for this section?
View 2 RepliesOur code relies on checking the Context.User.Identity value in the Global.asax Application AuthenticateRequest(...) method to retrieve some information about the logged in user. This works fine in classic mode but when I flip IIS to use the Integrated Pipeline "Context.User" comes back as null, but only intermittently.I have < authentication mode="Windows"> and only Windows Auth enabled in the Virtual Directory.
View 1 RepliesWe're running IIS7 and have windows authentication enabled. Everything else is disabled. When we go to the page though, we aren't prompted for a windows logon, but are redirected to the default forms authentication login page (Accoun
View 1 RepliesI need to create an application with Forms Authentication and/or Windows Authentication. If the application is set to use mixed authentication (Forms + Windows Auth) and the user don't have a Windows user account, the login will fail and he must be redirected to a forms login page. How can I do this?
Are there any different way to provide mixed authentication?
We have a weird issue found during setting up a new Windows 2003 Server with IIS6.0 & ASP.NET 2.0, our site is built using ASP.NET forms authentication with general authorization to deny access to all users & allow explicitly to static, home pages etc, -- web.config setting for forms auth looking as below:
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="~/Pages/Users/Login.aspx" protection="All" timeout="60" defaultUrl="~/Pages/Inner.aspx">
</fo </authentication
we are running a complex 64-bit ASP.NET 2.0 application on W2008 R2 Standard and stress tests done with VS2008 Team System have indicated that integrated pipeline mode is 30% slower than classic mode.
We have compared the application traces extensively and it appears that integrated mode is uniformly slower than classic. That is, there is no single point that causes delays in integrated mode.
This is quite the opposite to everything Microsoft says about the integrated pipeline, so it might be that there is something quite wrong with the configuration of the integrated mode or the server. But we have not found any settings that would have any effect on this. Some complaints that Sharepoint and reporting services are slower in integrated mode can be found, but our application does not use them so this is quite likely unrelated.
I fill a third-pard component variable in Global.Application_BeginRequest(). Everything is fine until I set IIS7 into the Integrated mode. In that case the method Application_BeginRequest() is not called (Application_Start is ok).May be some module is registered wrong?(I have found a same problem here on forum, but without a solution:[URL]
View 1 RepliesI just switched from Classic Mode to Integrated Mode and now HttpContext doesn't seem to exist in my ASP.NET application. I can't even add a Watch to HttpContext nor to HttpContext.Current.
I'm using FluorineFX where in the Web.config a HttpModule is defined. Apparently, in IIS7 Integrated Mode, these HttpModules need to be added to the Modules section in System.WebServer. I have done this, but now I'm having this HttpContext problem...
Code is in a simple service class being called by Flex (amf).
if (HttpContext.Current.User.Identity != null)
{
...
Web.Config (I don't know how to display this properly in Stack...):
<?xml version="1.0" encoding="utf-8" ?>
[Code]....
Firstly there's a great overview of the IIS7 HTTP request lifecycle and various settings that affect performance here:
ASP.NET Thread Usage on IIS 7.0 and 6.0
Very specifically though, in dotNet 4 the defaults for maxConcurrentRequestsPerCPU and requestsQueueLimit are set to 5000. E.g. equivalent to: (in aspnet.config):[code]....
Seems to me that on a multi-CPU/core server the requestQueueLimit here will always be invoked well berfore the 'perCPU' limit. Thus, if a max of 5000 requests per CPU is what you actually want then I would expect that the requestQueueLimit needs to be increased to 5000 * CPUCount or just disabled altogether.
Is my interpretation correct? If so can I disable requestQueueLimit? (set it to zero?). The documentation on this setting doesn't appear to address this question (so maybe I'm missing something or misreading?)
** side note from the above article: The requestQueueLimit is poorly named. It actually limits the maximum number of requests that can be serviced by ASP.NET concurrently. This includes both requests that are queued and requests that are executing. If the "Requests Current" performance counter exceeds requestQueueLimit, new incoming requests will be rejected with a 503 status code)
In IIS6 the scenario below is working perfectly.I have an HttpModule called URLRedirect which examines URLS and by using RegEx rewrites of applicable. An example is a URL "/doc47.pdf" gets redirected to docpdf.ashx?id=47 Then the docpdf.ashx used the id value and, using a database builds an application/pdf document and returns it. Since I need to validate that the user has access to the data, the first line of the ProcessRequest(HttpContext context) function is:if (context.User.Identity.IsAuthenticated) ..... This is where the problem occurs, but more details first.
On a webpage, access to which is restricted to lgged on users who meet certain criteria there is a link which allows the user to present the page as a PDF document. This is achieved by using javascript to open a popup window using the window.open("/doc47.pdf", ... ) function.This all works fine under IIS6 and under IIS7 if I change the mode to Classic. But, under IIS7 in integrated mode, the following happens.The line in doc.ashx described above raises an exception because context.User == null. But, and this is interesting, if instead of using the link that opens the popup window I instead type /doc.pdf?id=47 into the address bar, the PDF document displays correctly.So this indicates to me that the URLRedirect Module is somehow losing the logged on user information.
Using IIS 7.5, IIS_IUSRS is supposed to be the account to use. I get '401 - Unauthorized: Access is denied due to invalid credentials' error. If I add an EVERYONE account with Read, it works. But rather not have Everyone account. Any idea why IIS_IUSRS does not work? It has Read access. Anonymous Access=enabled. Specific User=IUSR As a side, on the Basic Settings... for the site, Test Settings button says 'ok-on Authenticate' but Authorization 'cannot verify access to path'.
View 1 RepliesI'm trying to setup my IIS 7.0 MVC2 site but having problems.I want to use Integrated Security so that the app can obtain the user's credentials. We can then do a look-up of some AD groups to determine what they can do from that point onwards.The problem is - Every time we browse to the application, instead of navigating to our main page immediately, we get a login prompt provided by IE. I've read that we need to make sure that in the browser's Tools->Options->Advanced-> (Securiy-> ENable Windows Intagrated Security) must be checked - which it is on ALL 3 machines where I try this.
The machines AND the server are all in the same domain.My config file states <authentication mode="Windows" /> and I've tried every combination for <identity...> and <authorization...> but to no avail. I can only get the "login" prompt to go away if I enable Anonymous Authentication - but then I can't detect the windows user or their group membership.
am trying to write an HttpModule that will work in IIS7 with integrated pipeline mode AppPool. Within this module I need to access Session variables and to be able to capture the Session Start and End events. I have found a couple of articles on this topic that indicate the need to modify the behavior of the HttpHandler in PostAcquireRequestState to force the Session for the context to be initialized. The article I am using as a template is posted here:[URL]In my case I am getting the following error:
[NullReferenceException: Object reference not set to an instance of an object.] System.Web.PipelineModuleStepContainer.GetEventCount(RequestNotification notification, Boolean isPostEvent) +30 System.Web.PipelineStepManager.ResumeSteps(Exception error) +1112
System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) +113 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +616
I believe that this error implies a problem with attempting to attach an event handler multiple times. I am aware that the modules Init function can be called more than once and have set a static initialization flag which ensures that I will only ever attach the event handler once.In the most condensed form my code is as follows:
public class HttpModule : IHttpModule, IRequiresSessionState
Is it possible to request an X509 certificate from a client without configuring the application to use Windows Authentication? The purpose would be to press an asp.net button and "digitially sign" a web-form's contents. I do not need any login information, just the X509 cert.
View 1 Repliesif it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties.
Please Help!!! Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:
[Code]....
I need this up and running quick but I spent the last few hours researching/worrying about which would be better:
Asp.net Forms Authentication
vs
Custom Header Token:
On the server
[code]...
Been scratching my head on this one today quite a bit. Time to ask the guru's.Implementing your basic Forms Auth for a 2.0 web app in conjunction with SQL Membership Provider and Role Provider. Web.Config from virtual directory root
[Code]....
All other subdirectories do not contain web.config files but rather wanted them to just work off inheritence from the root web.config. Upon publishing of this setup - I am having one hell of a time maintaining the user 'authenticated' state. (Not sure if that's the best explanation of what is going on.. but)
We have an ASP.NET web application which uses integrated windows authentication. It is accessed by users from two domains, A and B. A is the primary domain and B is an older domain which is going away. Web application is authenticating users using a group policy which only exists in domain A. Every user in domain B has an account in domain A. The application lives in domain A. There was no trust between the domains. So users from domain A would get silently authenticated and logged into the site. Users from domain B didn't get authenticated automatically and were prompted with the IE popup, to which they authenticated using their domain A credentials and everything worked. Now somebody has set up a trust between the domains and users from domain B get authenticated silently to IIS, and then their login fails (no group policy). So the question is:
can I either programmatically or in IIS configuration make it so that users from domain B still get prompted even though there is trust between the domains? Is there a way to tell the server where IIS is running to ignore the trust relationship maybe?
What's happening is when windows authentication/authorization fails the user get's a login prompt in IE6, IE7 and FireFox. Only when user clicks Cancel button in login prompt they are getting to 401 error page. What I am trying to achieve is to automatically redirect the user to a custom error page when getting 401 error instead of getting login prompt. Is this possible to suppress the login prompt in this scenario or is it this way by design?Here is my setup:I have windows integrated authentication configured in asp.net 2.0 web app.
[Code]....
In IIS I have website Directory Security configured to use Integrated Windows Authentication and disabled Anonymous Authentication
I've got Integrated Security up and running.Am I correct that when users initially access the site that they have to enter their user name & password? I was thinking that Integrated Security would allow the user to go directly to the site (it is an on intranet) without having to enter the un/password. My thought was that Integrated Security would eliminate the needs for the user to sign in once they've signed into Windows when they start up their machines.
View 2 RepliesIn my masterpage application i have "Integrated windows authentication" enabled and it works fine for Active Directory Users. but i have created some users in my aspnetdb and i want few users to login and use my application. But for created users in aspnetdb i can getting "windows login screen". means when users not on active directory try to access application instead of getting login page, they get windows auth login popup.
View 1 RepliesWill I be able to access a Asp.net website on IIS 7 with integrated windows authentication enabled from outside the domain?
View 1 RepliesI've set up an ASP.NET MVC application for my company's Intranet that grabs the user's NT creds via System.Web.HttpContext.User and checks against its own database to perform authentication/authorization.This works just fine on my local machine, and I assume it will also work once deployed to the production server, but the development server is on a different domain than the users. While trying to test the app, Iget prompted for a username and password, which isn't supposed to happen. Worse, entering my login creds still doesn't work. I'm deploying a MVC 2 application to an IIS 6 server.The steps I read to take to get Integrated Windows Authentication to work included putting these lines in my Web.config file:
[Code]....
Then, on IIS in Directory Security uncheck the checkbox that allows anonymous authentication, and make certain that only Windows authentication is checked in the access methods section. I've done these things, but since I'm dealing with cross-domain authentication, it's dead in the water. I tried a Google search, and I'll continue with this, but I haven't found anything yet. I'm not incredibly savy when it comes to domain issues, so I might have seen a possible solution and not recognized it.
Is there any way to change the content of a Windows Integrated authentication dialogue box?
View 1 Replies