asp.net-membership

问题 I know the security risk associated and have brought it up with the business, but they want to have their 5 domains to share the login cookie. We are using and have no plan to stop using ASP.Net Membership and Profiles. Is this possible? A hack would even be greatly appreciated. 回答1: It is not possible with out of the box ASP.NET. Forms based authentication is based on a cookie and cookies can only be set to a specific domain. If you want true cross domain (not sub domains) shared

问题 I know the security risk associated and have brought it up with the business, but they want to have their 5 domains to share the login cookie. We are using and have no plan to stop using ASP.Net Membership and Profiles. Is this possible? A hack would even be greatly appreciated. 回答1: It is not possible with out of the box ASP.NET. Forms based authentication is based on a cookie and cookies can only be set to a specific domain. If you want true cross domain (not sub domains) shared

问题 I'm creating a custom role provider and I set a Authorize attribute specifying a role in my controller and it's working just fine, like this: [Authorize(Roles="SuperAdmin")] public class SuperAdminController : Controller ... But when an user doens't have access to this controller, he's redirected to login page. How can I redirect him to a "AcessDenied.aspx" page? 回答1: [AccessDeniedAuthorize(Roles="SuperAdmin")] public class SuperAdminController : Controller AccessDeniedAuthorizeAttribute.cs:

问题 So far in reading about possibilities of injection to custom membership providers, I've found two possible ways to do it: One is the following: http://bugsquash.blogspot.com/2010/11/windsor-managed-membershipproviders.html Here the author basically suggests to register your custom provider and then have a rather questionable windsor adapter for membership (I don't really like the way in which it instances your provider using a container it gets from HttpApplication , which it ultimately wraps

问题 How can I use the CreateUser method in the Membership class without having to assign a question and answer? I have disabled it in the web.config with the following setting. requiresQuestionAndAnswer="false" I need the status output from the CreateUser method, but the overload requires a question and answer. Can anyone suggest how I can go about this? 回答1: I haven't tried this, but have you tried just passing null for those two parameters? 回答2: you need to set parameters in web.config <system

问题 Edit: This question is outdated The Identity Framework was a moving target at the moment I asked this. The authors changed quite a few things and they have decoupled several others, making everything easier. Have a look at the Asp.NET Identity Sample project on github. I'm creating a small application that requires user management. Registration is not allowed, instead there is a super user that will create and modify login information. I'm using the new ASP.NET Identity membership system, and

问题 I've set up two ASP.NET applications on a machine, their web.config files contain the same applicationName value in AspNetSqlMembershipProvider item so they share users and roles. The problem sequence is: user logs into application A, opens new tab in a browser logs into application B, his login in application A is signed out and vice versa. Should I use a different approach to sharing login information between two applications? 回答1: The problem you have is because the same cookie used, for

问题 Newbie here, I havn't done much membership stuff for asp.net. I am trying to take advantage of the asp.net membership mechanism for a new app I am building, but I wish to store the member information in my own database. what are my options? Do I need to write a custom membership provider? or does asp.net have a standard provider for sql (with specified tables and column names)? Quick edit: Each member is logged in using their windows authentication, but I also need to store extra information

问题 I want to get the username after login but it doesn't work. public partial class Login : System.Web.UI.Page { string strUser; protected void Login1_LoggedIn(object sender, EventArgs e) { strUser = Membership.GetUser().UserName; Response.Redirect("Home"); } protected void Login1_Authenticate(object sender, AuthenticateEventArgs e) { strUser = Membership.GetUser().UserName; Response.Redirect("Home"); } } This is my error: 回答1: Membership.GetUser().UserName is null, because the new principal

问题 Do we need to add any references or import any namespace for Roles.IsUserInRole(username,role) - > is it not giving the right result. <% if(Model.Count < 1) {%> No User's Add Under You! <% } else { foreach (var item in Model) { %> <tr class="tblheader"> <th> User Name </th> <th> Last Activity </th> <th> Administrator </th> <th> Base User </th> <th> Print User </th> <th> SDI User </th> <th> Edit User </th> </tr> <% if(Model.Count < 1) {%> No User's Add Under You! <% } else { foreach (var item