forms-authentication

问题 I have an asp.net web application with forms authentication and users (credentials) are checked against active directory, username is actually samAccountName attribute from AD. Now I need to enable users to get access to some files which are located on file share, where each user has his own folder. First proof of concept works like this: appPool in IIS is configured to run under some domain user, and this user was given R/W access to file share and all user folders when the user logs into

问题 I'm doing asp.net, using FormsAuthentication with the AdMembership proivder. I'm having to manually write a "change password on next logon" screen because it's not nativley supported in the provider. I call : if (Membership.Provider.ChangePassword(cpCv.LoginName, cpCv.OldPassword, cpCv.NewPassword)) to validate the user and change the password (but not clear the "on next logon flag") But it always fails, (I assume becasue membership validation fails when the "Change Password On Next Logon

问题 I have a small db, nothing fancy just 5 tables. I would like to use forms authentication but it creates its own db to do its stuff. I don't need anything fancy, and I certainly don't need the added infrastructure, but I'd like the security forms authentication provides. I have a person table, with a login and password field. how can I make it so forms uses these fields and returns my users id? is this even possible with forms? if not, how can I make it so forms creates it's infrastructure on

问题 I currently have an intranet site that is accessed by external customers. I therefore set this up using Forms Authentication. However the powers that be (my bosses) want all our domain users to not have to enter their username and password to access the site. I've done a bit or reading and everything seems to point to setting up a WinLogin.aspx page that you alter to use WindowAuthenthication and then redirect from there. I have a problem with this as I don't like the idea of putting an aspx

问题 I am creating a new MVC 4 app for a client that I had previously created ASP.Net 3.5 (VS 2008) apps for. I created a gateway app to launch several other ASP.Net 3.5 web apps , with the gateway app handling the login and the forms authentication ticket. As long as all of the other web apps have the same settings for the forms authentication and machine key sections all other apps were able to use the forms auth objects to see if the user was authenticated. I am now creating a new MVC 4 app

问题 My IIS looks like this: Sites -> Default Web Site -> MyWebApp Then the question is: How do I enable Forms Authentication on MyWebApp? I mange to change or edit Anonymous Access, Basic, and Windows Auth. However, Forms Auth is not that easy. How do I do this in Powershell? I'm able to read the setting this way: (Get-WebConfiguration system.web/authentication 'IIS:\sites\Default Web Site\MyWebApp').Mode I'm having trouble or no luck with Set-Webconfiguration, or Set-Webconfigurationproperty. I

问题 I have a ASP.NET MVC app on IIS7 using Forms Authentication in Integrated Mode. I am noticing that the ASP.NET runtime is being hit for every request that comes in even if it is only for static files (probably because of Integrated Mode). Is there a way to configure IIS7 to serve up static files without hitting ASP.NET? I've been thinking that the only way around this is to create a separate virtual directory just for static files -- a mini-CDN, if you will. Any other ideas? 回答1: To avoid

问题 I am developing an Internet app with ASP.NET MVC4 using VS 2012, IIS 7.5. I am using Forms Authentication for the same. The settings in my web config is as follows. <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="30" name="userInfo" slidingExpiration="true" enableCrossAppRedirects="false" protection="All" > <credentials passwordFormat="Clear"/> </forms> </authentication> But the Idle Timeout (minutes) setting in IIS is 20. When I refresh my application after 20+

问题 I have an MVC5 application that is throwing a NullReferenceException on the production server when using the [Authorize] attribute on a controller. The application is using forms authentication. The production server is Server 2008 SP 2 (.NET 4.5.1 and IIS 7). The start of the stack trace is: [NullReferenceException: Object reference not set to an instance of an object.] System.Web.Mvc.AuthorizeAttribute.AuthorizeCore(HttpContextBase httpContext) +38 System.Web.Mvc.AuthorizeAttribute

问题 I am using Asp.Net/C# to build an application.I am using Forms Authentication .I have a requirement such that many of my authenticated (not anonymous) users are restricted to certain page functionalities or user interface.I guess the Login Control could be used for only Authenticated vs Anonymous users.So my question is when I know that certain page component is to be hidden from particular authenticated users , how do I go about it.Do you think I need to use this on the page_load event to