Security :: Secured Site Using The Login Control / Do Not Want Them Redirected Based On Their Login Status?
Mar 24, 2011
I am doing a simple secured site using the login control. I would like users to be redirected to their dashboard page once they log in, but after that if they choose to browse I do NOT want them redirected based on their login status. I am using the generic template provided in VWD with the basic login setup in the template including the tabbed ASP menu control - nothing fancy, nothing custom. This is intended to be something very simple and quick. Here is the code I am using for the page load...
[Code]....
So if I do this code WITHOUT the "IsPostBack", logged in users are always redirected to their dashboard and cannot see the hompage. However with that IsPostBack test, the redirect after initial login doesn't work.
I know this is extremely basic and simple, but I am restarting with this stuff after a year away, and I need a nudge.
Is there something here messing up my login functionality? I can't log in. Before when I was logged in, I couldn't log out. It seems to have started when I clicked on "Remember me". Could there be something conflicting with web.config and the aspnetdb profile provider service setting that was initially set regarding profiles/roles/access?
My login page is the usual login.aspx so I don't need to set the loginurl.I have a standard loginsatus control to display the current status and allow the user to login/logout.
[Code]....
On the my development machine this works fine. However when I release it to a test site when I click the "login" link the request sent to the server includes as number of percentage-coded / so the request looks something like this:
I've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
We have created a windows application which is distributed amongst our clients. The application uses SQL Server 2008 as the back end and each client uses their own database on their own server. The databases are all exactly the same but each clients data is specific only to them.
We would like to offer our clients the ability to log-in to our website which would then login to their own database so that when they are out in the field they can perform similar tasks to what they can do with the windows app.Each of the clients databases has a user table containing their login details, permissions etc.
Our server is running on IIS and has SQL Server 2008 installed but it only contains our data and nothing of the clients.How should we go about this?
What I mean is do we need to make each client have an additional login to our main server which would then hold each clients individual connection strings etc which would then be used to connect to there specific database and then they would need to login again?? Seems like a nightmare for the user.
I want to display a menu (which will be strongly typed with it's own unique model) across all pages only if a user is logged in.What menu items are available depend on the user's role and also I'll need to hit the repository to get numbers like "x Messages", etc
Been scratching my head for a simple solution here. Don't want to create something that need changes all over the place.All my controllers derive from a BaseController, all my Models from BaseViewModel....probably where I'll be implementing functionality for this.
I set up a secured folder in my website. When I access this folder via web page, it pop up a windows login form to ask for user name and password. I would like to code the asp.net page or java script to access this secured folder with username and password without pop up the login form. find the method for asp.net page accessing the secured folder automatically.
On my website navigation, I have a link to a registration page. The issue is, I only want that link viewable when the user is not logged in.If the user is logged in, I want that link to disappear from the website navigation.
I have created my first MVC application. I am using forms authenticataion. I have created a custom action filter MyAppAuthorizationFilter which inherits from AuthorizeFilter. Inside this filter I'm authenticating the user credentials by checking them against a database table (by overriding OnAuthorize method). If the user is not authenticated, I am redirecting the users to a login page (which is view of LoginController). I am using this filter agaginst my main controller so that all actions in this filter will execute only if the user is authenticated.
I do not have any problem when I use the asp.net development server (shipped with Visual Studio). But when I deploy the app to our IIS7 server, I can see the login screen when I access the default url, but after entering the credentials (both correct and incorrect) and posting back the Login page, it stays on the Login page (clears the pwd, but not the username). Its never getting redirected to the home screen or invalid login screen.
IIS 7 server has .net framework 3.5SP1, but no MVC. So I deployed the System.Web.Mvc dll in the bin folder.
Here's my Code (I've omitted the views and models as they are not needed here):
[MyAppAuthorizationFilter] public class MainController : Controller { // // GET: / [code]......
I have written custom code for login and logout...When use clicks on logout button the current session is closed and user is redirected to a login.aspx page...The problem is that when a user click a back button on internet explorer it the previous page he was navigating is shown to him...(altough he cant perform any operation as session is null and their is condition in page load that if session is null user should be redirected to login page)May i have to clear cache of client ??
While i was using asp.net2.0 login control on IIS6.0 (WINDOWS SERVER2003) ON INTRANET FOR Login it shows login failed even it was working right on asp.net development server. i was using asp.net membership provider for this
I have the following log in status controls on the top of my master page. It displays the logged in as, manager log in, and Log out options.However, when a user is not logged in, there is nothing displayed there. When the user is NOT logged in, is there a way to display a "Login" text link that takes you to the log in page and then "disappears" once the user is logged in?
This works fine - I have now added to the page a LoginStatus as when they arrive they are loggen in. The problem is when the user clicks the Logg off link I get the error on the page below -
Object reference not set to an instance of an object. Description: An unhandled exception occurred during the execution of the current web request. review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.
Source Error:
[Code]....
Is this because the page load is trying to get the logged on user ID
but they have just logged out?
How can I allow the User to logg out without getting the error?
After reading a book I brought on ASP.net I fould the login controls to be very nice.I have set it up in my application so that customers can login using the standaard login controls and things were going smooth.But in my schema for my application I also have a table for customers (firstName, LastName, DOB, etc).And of course the customersID is used as a foreign key to tables such as Orders, Addresses (Home, Work, Postal).
The thing is how to i associate an asp.net login to a customer name in my table so that the CustomerID can be used through the application by knowing who is logged in.
which i added one sitemap in whcih i added all the pages n i want to retrive that sitemap in masterpage based on login in whcih suppose admin hs login then display only admin pages with sitemap n if normal user hs login then it ll display only normal user pages with sitemap. here i didn't use login control but i create login page manually.
i have a login control ,it works perfectly,,and i put login status, i get a specific problem when i specify the login image URL for my login status ,,the login control can't redirect me to the default page even when iam the right person ,it even does not enter the logging event in this case ,,when i remove the image URL every thing is okay, i wanna to use image url to clarify the status..i note some thing:
when i enter the user name and password and click enter through keyboard i logout and the focus is on the login status control ,, when i click on the button every think is okay
I have an application that uses the ASPNET role provider.My SQL Server crashed so I took a backup of the database and restored it to a new SQL Server and changed the db connection string to that server.The web site runs but no users can login to the site.Is there something that I should have done when the db was on the other server?
