forms-authentication

问题 I have MVC4 application which uses SimpleMEmbershipProvider for authentication mechanism. Everything works fine, apart of when I return to the application and authenticate using persistant cookie. I am authenticated fine, but cannot access roles that I am assigned to. Effectively, cannot access roles at all: string.Join(",", Roles.GetRolesForUser(User.Identity.Name)) returns empty string What might be causing that? 回答1: This can happen when the SimpleMembershipProvider hasn't been initialized

问题 I am using Forms Authentication in my website. I have seen in some example code that one can call .SignOut() and then use FormsAuthentication.RedirectToLoginPage() to send a user to the login page. What advantage, if any, does this have over calling RedirectToAction("Login", "Account"); in an MVC website? From MSDN it seems that the former will not call HttpResponse.End() which means that code that follows will execute... I'm not sure when I would need to use this feature. 回答1:

问题 We have an ASP.NET application using Forms authentication (ASP.NET Membership). Now we would want to make it to be claim-aware ASP.NET application in below scenario: ADFS acts as an IP-STS for intranet (AD) users If AD User is not mapped to ASP.NET Membership User or mapped ASP.NET Membership User does not have permission to access application --> Fallbacks to form authentication (an external IP-STS) If end-user accesses the application from outside the domain, we don't want ADFS to prompt

问题 Currently I have a few projects that use Forms Authentication and I'm able to have users log in with their AD Account. The way I have been doing it, is very easy. web.config //first I set up the connection string to the active directory account <connectionStrings> <add name="ADService" connectionString="LDAP://ourDomainController/OU=stores,DC=DOMAIN,DC=net" /> <ConnectionStrings> //Then I add the membership provider for active directory <membership defaultProvider=

问题 There is an integration with an API for conducting live online classes. The API wanted us to post a form to their site along with a parameter called customer_token as an input field. It is used for authentication by the API and every customer site is assigned one token. The customer token is actually some hashed value of the domain name or IP or something. Now, after the integration, they want me to hide the customer_token input field somehow from being accessible through mozilla's firebug

问题 I'm trying to implement token-based authorization for an Asp.Net MVC2 app, and I think my approach is wrong. First off: by token-based authorization I mean that when an unauthenticated user goes to http://myapp.com/some/action?tok=[special single-use token here] they are logged in. All of the controllers in my app extend a common ApplicationController , so my approach was to override OnAuthorize on that controller as follows: class ApplicationController { protected override void

问题 I am a little in a trouble to find out how to redirect an ajax request to the login page when using forms authentication in asp.net mvc. In OnAuthorize method I know that the request needs authorization. And if the cookie was deleted because of timeout etc., I want to redirect the user to the login page. But generally the requests are triggered by jquery via ajax request. So the requests are returning the html of the login page. So how can I redirect the user to login page for an ajax request

问题 I have two web application. One is for centralized Image server. Suppose they are a.com and b.com b.com is for image server. and a.com is where my application is hosted. I have created a handler for images ob b.com which process the request and add watermark and send it back to a.aspx. I am passing the path of the image (absolute like http://b.com/ImageHandler.ashx?id=imageurl) to the Handler on b.com Now I am not able to authenticate the request on b.com Now I am thinking about Handler which

问题 I've 2 web sites, the first one is myFirst.domain.com and the second one is mySecondSite.domain.com . They stay on two different web servers and my goal is to allow cross site authentication (my real need is shared FormsAuthentication Cookie). I've correctly set up my web.config file (machine key node, forms node). The only difference is about loginUrl where on myFirstSite appears like ~/login.aspx , and on mySecondSite it appears like http://myFirstSite.com/login.aspx . Note that I've not

问题 Similar to this question: Single Sign-on - MVC3 and Webforms I have a MVC3 application with custom routing that takes the first part of the sub-domain URL and uses it as a variable. So, for example, test1.mydomain.com gives my controllers the variable subdomain a value of test1. If we type in test2.mydomain.com, then the controllers receive "test2". The problem is with authentication (using built-in forms auth). If I log on while on test1.mydomain.com and then navigate to test2.mydomain.com,