forms-authentication

问题 I have an ASP.NET 4.5 webforms site and trying to setup forms authentication. I have an Account folder with a Login.aspx page within. The main web.config contains the following: <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880"/> </authentication> <authorization> <deny users ="?" /> <allow users = "*" /> </authorization> When I browse to the site, it appropriate redirects to Account/Login.aspx and then throws a browser error indicating Too Many Redirects . I

问题 I have an ASP.NET 4.5 webforms site and trying to setup forms authentication. I have an Account folder with a Login.aspx page within. The main web.config contains the following: <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880"/> </authentication> <authorization> <deny users ="?" /> <allow users = "*" /> </authorization> When I browse to the site, it appropriate redirects to Account/Login.aspx and then throws a browser error indicating Too Many Redirects . I

问题 Summary of problem After logging in with Chrome via Forms Authentication. The landing page as returnUrl will error my jQuery ajax without hitting the server. The status code = 0 and the message = "error" . (Hardly useful). Having tried Firefox and not being able to replicate the problem, I am starting to think Chrome is the issue. Clearing caches, closing and reopening does not fix. The closest article i can find is this. jQuery Ajax - Status Code 0? However, the URL is relative, /Test

问题 I've inherited a project that uses forms authentication, but a recent feature request requires me to get the Windows username of some users. It's a website that uses Forms authentication (and I do NOT want to change this, it would be too much work at this point) but I have had a feature request to allow our internal users to login more easily (usually without having to put in their password or username). My current method is HORRIBLE, it involves checking the ip address to see if they're

问题 I'm developing a MVC2 application and using Forms Authentication on it. The scripts, images and styles are all blocked to unlogged users and, consequently, the login page looks awful. It works well local, the problem is when I publish to the server. Does anyone has any idea WHY???? PS: The server IIS is version 7.5 My Web.config : <configuration> <system.web> <globalization culture="pt-BR" uiCulture="pt-BR" /> <httpRuntime requestValidationMode="2.0"/> <customErrors mode="Off" /> <compilation

问题 We are looking to secure a bunch of ASP.Net 2.0 .asmx web services. The which will host the web services is already forms authenticated. Is it possible to secure the web services using forms authentication? What are the pros and cons and other possible ways to achieve this. We certainly don't want to pass a username/pwd or token in each web method call. 回答1: The thing with form authentication is that its designed for people, where as a web service is designed to be consumed by a client

问题 Are there any possible issues with using the default Forms Authentication (see below) on Load Balanced servers? If there can be, what can I do to prevent the issues. <authentication mode="Forms"> <forms loginUrl="~/Login/" protection="All" timeout="30" /> </authentication> Can I use cookies (used by default)? Do I have to go cookieless? etc... Also, does Microsoft (or VMWare) have a VirtualPC download that is an instant Load Balanced testing environment? 回答1: There is one issue. The cookies

问题 Is HttpContext.Current.User in global asax not the same as HttpContext.User in an action method? I assigned the user some roles, but they seem to get lost. The code below shows what is happening. Both Asserts get hit when a user is logged on, first in global asax, then the action method. However they give different results. First this: protected void Application_AuthenticateRequest(object sender, EventArgs e) { // ... omitted some code to check user is authenticated FormsIdentity identity =

问题 I'm working on an mvc .net application and I'm using forms authentication. I want to redirect user to the page he requested after he gets authenticated. Any help would be appreciated. 回答1: If you create an ASP.NET MVC 3 or 4 Internet Application project, it'll have a complete example of how to use return url's when authenticating. When you add the AuthorizeAttribute to a controller to force authentication, it'll redirect the user to your Login method, and automatically append the returnUrl

问题 I'm working on an mvc .net application and I'm using forms authentication. I want to redirect user to the page he requested after he gets authenticated. Any help would be appreciated. 回答1: If you create an ASP.NET MVC 3 or 4 Internet Application project, it'll have a complete example of how to use return url's when authenticating. When you add the AuthorizeAttribute to a controller to force authentication, it'll redirect the user to your Login method, and automatically append the returnUrl