forms-authentication

问题 I have a basic ASP.NET website set up in IIS7 with forms authentication enabled on the server. Just for grins, I deny everyone: <?xml version="1.0"?> <configuration> <system.web> <authentication mode="Forms"> <forms name=".ASPXAUTH" loginUrl="Login.aspx" defaultUrl="Test.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true"/> </authentication> <authorization> <deny users="*"/> </authorization> <compilation debug="true"/> </system.web> </configuration> When I

问题 I'm creating an application that will get the contents of a cookie storing a forms authentication ticket from .net. That part is done. In that ticket is an expiration time, by default 20 minutes. So the scenario is, a user logs in and is validated on the .net side. Then they are redirected to my PHP app. I get the username, ticket expiration, etc. What is the best way to go about renewing the ticket as the user stays active on my app? Here are two possible approaches, I'm sure there are more:

问题 On my Login page only I am getting 18 JavaScript errors and the main one seems to be: 'ASP.NET Ajax client-side framework failed to load.' I have a feeling it has to do with security since I just recently added Forms Authentication to the site. If I login all errors go away. It seems like sys is undefined when this line tries to run : if (typeof(Sys) === 'undefined') throw new Error('ASP.NET Ajax client-side framework failed to load.'); I have the following in my Web.config: <authentication

问题 Im using C# and ASP.NET. I have this file structure on my website: ~\Admin\SecuredFolder\ManageWebsite.aspx ~\Admin\Login.aspx ~\Homepage.aspx What i'm trying to achieve is pretty much simple but i guess all my attempts till now turned out too complex and i'm kinda confused. my goals: Homepage.aspx and Login.aspx should be public for all (anonymous users) SecuredFolder should be for logged users ONLY (ie: admin users). Whoever attempt to access any page in this folder (without being logged)

问题 a very simple problem, maybe someone has a tip for a MVC Beginner like me. I want to Password protect an MVC Application - just on user / password is necessary - I did it via ASPNETDB and SqlMembershipProvider, but there should be hopefully an easier way - in webforms I did it via adding user / password to web.config. Do I really need to write my own XmlMembershipProvider to solve that problem? If yes, do you know a really simple existing XmlMembershipProvider that can do this for me? Many

问题 I have an ASP.NET login control on a page, with the "Remember Me" checkbox displayed. I have checked in trace and the authentication cookie is being created, I have sliding expiration set and a timeout of 60000, yet when I return to the website the login is not being remembered. Any ideas where else I can check? Thanks, Darryl 回答1: Correct! The Remember Me checkbox doesn't do anything for you and why should it? After succesful login; you could create the cookie from code and (when entering

问题 I've a web site that uses forms authentication. For the most part, my web site requires authentication to do anything. My privacy statement page is an exception and has to be accessible to anonymous users. The page is in a folder, and I've set the location path information in the web.config as follows: <location path="about"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> <location allowOverride="true"> <system.web> <authentication mode="Forms">

问题 I am trying to set up forms authentication across multiple servers and subdomains but I am finding an issue where it works on some of our boxes and not others. We are passing 2 cookies from one server to another. One the Forms Authentication encrypted cookie and the other an non encrypted cookie. We have the correct keys set on both boxes: <authentication mode="Forms" > <forms name=".MSLA" protection="All" timeout="30" slidingExpiration="true" path="/" enableCrossAppRedirects="true" /> <

问题 I am running up against an issue with forms authentication in ASP.NET web forms, where the login page redirects to itself for some versions of IE. I have followed the advice on similar SO questions and added cookieless="UseCookies" to my Web.config, but it has made no difference, and you can see that the server is indeed trying to set cookies for every request. The server is running Widows Server 2008 R2 Enterprise SP1 with .NET Framework 4.5.1 fully updated as of today (2/16/14). I used

问题 I am using Forms Authentication for the default MVC site, and i also have a custom DB table with extra user information (LINQ2SQL). I have some logic that loads the extra data from the db when the user logs in manually on the site, but the same logic is not executed when the users data is loaded from the persistent cookie stored when they logged in last. At what point is that users data loaded, and how do i add my own logic during that event? 回答1: IN your global.asax you can hook into the