AJAX :: AutoCompleteExtender - Authentication Failure (forms Authentication)

Apr 15, 2010

'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily.

If I change my service definition to include a demand for the caller to be authenticated, like so:

<OperationContract(), PrincipalPermission(SecurityAction.Demand, Authenticated:=True)> _Public Function GetLookupValues(ByVal prefixText As String, ByVal count As Integer, ByVal contextKey As String) As String()

Then the autocomplete extender stops working, and I get an authentication error in the service. The service is set up to use ASPNetCompatibility mode, and I was hoping that the extender would pass the authentication credentials for my logged in user - does anyone know how to make this work?

View 2 Replies

Similar Messages:

Security :: Forms Authentication Across A Subdomain And The Redirect URL Failure?

Apr 9, 2010

Here's my scenario.

I've got a site called domain.com and also another product on product.domain.com. The product.domain.com requires authentication to access it. For consistancy in the user experience I have set the login url in the web.config on product.domain.com to be http://domain.com/Login.aspx. This redirection is working ok - and a sample url would be:


The problem is that the RedirectURL does not take into account that the request originally came from product.domain.com so when the authentication is successful the user is not redirected back to product.domain.com

I have come up with a solution for this but would like feedback if possible.

I changed the loginURL in the web.config to http://domain.com/Login.aspx?domain=product.domain.com so the sample url is now:


I then override the LoggedIn event in the membership control and check to see if the domain value pair is specified and if it is I redirect to the domain + ReturnURL.

As I said previously i'd appreciate any comments or other ways to achieve the same result.

View 1 Replies

Forms Authentication Cookie Not Expiring On Server Shutdown / Failure?

Jan 5, 2011

Here is a use case of my login using a CustomMembershipProvider

User Logs in MembershipProvider validates user account User property of Membership is set to user details coming from the database An authentication ticket is created Forms authentication cookie is added. User is logged in

Here is a use case of my problem Stop whe web development server Start the web development server, and user is still logged in (due to cookie?) User property Membership is set to null due to server restart/failure Application throws exception due to null user value

The only solution I could think off is to clear all cookies on Application_Start() but I don't know how is that even possible as Request is out of context during application start.

Here is the code:


View 2 Replies

C# - What's The Difference: Windows Authentication, Passport Authentication And Form Authentication

Sep 17, 2010

Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?

View 3 Replies

Security :: Changing From Forms Authentication To Windows Authentication?

Sep 3, 2010

What do I need to do in order to change an application from Forms Authentication to windows authentication?

View 2 Replies

Security :: Using Rss Feed Authentication With Forms Authentication?

Jun 3, 2010

I have developed the authenticated rss feed using the basic http authentication for my site.I also have the admin module for the site which uses the Asp.net Forms Authentication .Both are in the same project.When i turn on the forms authentication module to None in my web.config.My rss feed authentication works fine(the browser pop up the dialog box for the username and password) and upon entering the username and password the rss feed gets displayed.But with forms authentication turn on when i click the rss feed link i am getting redirected to the administrator login page.

If i set my authentication mode to none than the feed works like dream but the admin module do not work as it uses forms authentication.

How can i resolve the conflict for that one.I am using the asp.net mvc filter on my feed contoller to pop up the dialog box for the username and password.


View 1 Replies

How To Convert Forms Authentication To Windows Authentication

Sep 15, 2010

I've been asked to convert an asp.net application from forms authentication with roles using the aspnetdb database to use windows authentication instead.

what is required to do this? can I still use the roles defined in the app and stored in aspnetdb?

View 1 Replies

Mixing Forms Authentication With Windows Authentication?

Feb 12, 2010

I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.

For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.

I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).

Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.

View 6 Replies

Ssl - How To Preserve Authentication For Forms Authentication Cookie

Aug 19, 2010

We have a non-SSL ASP.NET web app that allows a user to login (ASP forms authentication, inproc).

Once authenticated, we redirect their browser to an external, SSL secured page on another web site / domain altogether that we do not control.

The client is redirected back to a pre-configured url on our original http web app when done.

However, the customer is then asked to "re-login" again on our side which is undesired...

It seems the forms authentication cookie is destroyed when transitioning between HTTP and HTTPS and back again.

How can I keep the forms authentication cookie alive so that the customer does not have to re-authenticate on the round trip?

View 2 Replies

Security :: Forms Authentication With A Secondary Authentication?

Feb 16, 2011

I'm developing an internal booking sytem. Users log in to the sytem and can view existing bookings and search for bookings. They can also create new or edit existing bookings. When completing such actions I need a confirmation prior to completing the booking or updating the recorded. The confirmation is based on a reauthentication of the user.... in otherwords he needs to enter his passord again.

How can I achieve this? The system is internam and I'm using Forms Authentication. I an also using roles as som of the admin forms can only be viewed by administrators.

View 1 Replies

DataSource Controls :: Use Mixed And Server Authentication Option Inplace Of Windows Authentication?

Jan 8, 2010

I have just installed SQL Server 2005. I selected windows mode authentication. I am not able to login in management studion. Now, I want to use mixed and server authentication option inplace of windows authentication. so, would that be possible after installation.

View 2 Replies

Security :: Authentication Method - Enable Anoymous Access And Basic Authentication?

Jul 14, 2010

This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.

View 3 Replies

Security :: What's The Difference Between Basic Authentication And Integrated Windows Authentication In IIS

Jan 4, 2011

What's the difference between Basic Authentication and Integrated Windows Authentication in IIS?

View 3 Replies

Security :: Enable Windows Authentication And Disable The Anonymous Authentication In IIS?

Mar 10, 2010

I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.

View 1 Replies

Open Source - Authentication For The Database Which Already Have Form Authentication?

Feb 8, 2011

I have a database which has form authentication tables for an website [let say website A], now I have attached a new website [Website B] to the same database, in this website [Website B] also I have to provide login/authentication which would be separate from the website A authentication system. So I want to have separate table for the users of new website. Specification:


will there be any open source membership provider like we have .NET membership provider [form authentication].

View 2 Replies

Security :: Web Farm Using Window Authentication Or Form Authentication?

Aug 9, 2010

I have a web farm web project, and want to make sure windows authentication is working well without any problem in web farm, can any one give me some web sites or information about that?

View 1 Replies

Security :: How To Develop Authentication Module Using Form Authentication

Feb 8, 2010

Am going to develop authentication part in the web site. I want my authentication module should not be hacked by any one and also want in secure side.

View 1 Replies

Security :: Using AD Authentication With Form Based Authentication & AzMan

Sep 2, 2010

I needed information regarding the capabilities & integration of AzMan tool with Asp.net.Currently, I got a Sharepoint 2007 website along with ASP.NET 2008 where I am using Form Based Authenication.Now, the requirement is any user within a domain registered in AD should be able to login in website through intranet.

Can I acheive this using AzMan, or I need to create two websites one with FBA for internet users and the other one for the intranet users with AD authenication. Also my intenet website is deployed and in use where usermapping and roles are already created, so using this tool what will be the impact on existing webiste.

View 2 Replies

Use Active Directory Authentication When Windows Authentication Fails?

Mar 29, 2011

I have a web application (intranet based) which uses Windows Authentication. Unfortunately there are public computers that have public logins at some company locations. My web app doesn't support these public logins because I need to know the user workingSo, even though these public users are windows authentication users, my app will fail because I have no user account setup for that particular account. I want to then try Active Directory Authentication.In my Default.aspx.cs I'd have something like this

protected void Page_Load(object sender, EventArgs e)
userContext = new UserContext(); // If the authenticated user isn't a user in my system then throw an exception

View 2 Replies

C# - Disable Authentication On Subfolder Of An App Using Windows Authentication

Apr 26, 2010

Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication?

For example:

A website contains several other folders that contain parts of the overall application: /frontend,/backend, /login

The bin folder is on the same level as these subfolder, i.e. the root of the website.

All of these subfolders contain pages that use binaries that reside in the bin folder of the root of the website.

The user must input windows credentials when visiting a page in the backend folder, but not when visiting a page in the login or frontend folder.

View 2 Replies

Configuration :: 2.0 Database Authentication - OS Authentication?

Jun 29, 2010

The webapp I am trying to deploy will have the IIS running on the same server as database.I have been assigned a domain account and have been asked to connect to the database using this account.I am not sure how to go about making the connection. I cannot enable impersonation as I need to mention the username and password and it will be security concern, also I need to give write permission onC:WINNTMicrosoft.NETFrameworkv2.0.50727Temporary ASP.NET Files (which is not allowed)The Webserver and SQL server runs with system account.Can you please let me know how to establish connectivity to the server using the domain account without mentioning the password anywhere.

View 1 Replies

AJAX :: PageMethods - Forms Authentication Cookie Not Always Sent?

Oct 26, 2010

Since last week I've had a really odd issue with PageMethods, the forms authentication cookie, and the back button which i've never seen before.

Essentially, I have a 'home page' which on document.ready (using jQuery), loads some data through PageMethods, and then renders a list - from which you can click through to a details page about the item. In general use, it works fine. However, using the back button after clicking through (ie: going back to the home page), it throws a PageMethods error. The browser's 'authentication required' prompt appears, and if you click cancel, the server returns a 401. The error returned by PageMethods on the client side is 'authentication failed'.

After inspecting the request in Fiddler, the forms authentication cookie isn't sent with the request, which would explain why it is happening. My fiddler entry for the request looks like this:


View 1 Replies

AJAX :: Forms Authentication To Prevent Methods Access

Nov 24, 2010

I am building a sort of administration control panel which is basically just giving the end user the ability to manage the database through my app rather than knowing Management Studio. Creating lists of users, creating events that the users can attend etc, nothing too complex. So I am basically building the whole thing using JQuery AJAX with ASP.Net to make the DB connection and what not. My Jquery code just calls a different static method in my pages code behind for each different task, passing JSON back and forth.

From what I've seen results-wise so far, my interfaces are much quicker (almost instant) and even tasks on the server take less time to return through JQuery. But if you looked at my javascript code, you can see the "Page.aspxMyMethod". That means that people can access my methods just by sending a request from anywhere? Will forms authentication prevent this because it goes through an aspx page or what?

View 2 Replies

Web Forms :: SSRS IIS7 Authentication Breaking Ajax?

Mar 11, 2011

Before I get started it's important to note that this issue only happens in IIS7 and IE7, which means it works fine in all our IIS6 environments and Chrome and Firefox hitting IIS7.

We have an ASP.NET 3.5 application that is doing a very basic window.open to open our report server.


window.open('http://555.55.5.55/ReportServer', 'Reports');

Once launched the user is prompted for their username and password. If the user selects cancel and goes back to the parent window they can use all the Ajax functionality just fine; however, if the user logs into report server then all the Ajax functionality on the parent window ceases to work (example error below). We changed the javascript line above to popup a window to google and everything worked fine. We even tried changing it to '_self' to act like a redirect and we had the same results, everything failed. The issue appears to be related to something in IE7 and the authentication popup.

We've already set the application pool hosting the site in IIS7 to classic mode and this did not resolve our problem.


Error: Sys.WebForms.PageRequestManagerParserErrorException: The message received from the server could not be parsed. Common causes for this error are when the response is modified by call to Reponse.Write(), response filters, HttpModules, or server trace is enabled.

Details: Error Parsing near ' <!DOCTYPE html PUB'.

View 3 Replies

Accessing PageMethods Through AJAX And Integrating With Forms Authentication?

Nov 8, 2010

I have an ASP.Net page with some static methods that I access from the client side using AJAX and the PageMethods capability of the ScriptManager control. The web site has forms authentication setup.My problem is that when the user is not signed in, and makes an action that calls one of the page methods, the operation fails and the failure handler is called as expected but the error object has the status code 500 (internal server error), while it was expected to be 401 (not authorized), because it's the forms authentication module who interrupted the request.Even when I write code like this in the service method:


I also get the status code 500, and an indication of a ThreadAbortException (because of Response.End) in the failure handler. It appears that the handler that carries out service methods calls consider anything that interrupts the execution of the method "an internal server error" regardless of the cause.

Now what should I do if I want to provide a message saying "You are not logged in" to the user, or even redirect him to the login page, while I can't distinguish between the several errors that may occur because I always get status code of 500.

View 3 Replies

Copyrights 2005-15 www.BigResource.com, All rights reserved