forms-authentication

问题 I'm trying to make a section of a MVC 5 webpage restricted to users of a certain Active directory group, however the [Authorize] attribute (on controller) blocks logged in users aswell. My Login page code behind looks as follows: public class AccountController: Controller { [AllowAnonymous] public ActionResult Login(string returnUrl) { ViewBag.ReturnUrl = returnUrl; return View(); } // POST: /Account/Login [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public ActionResult Login

问题 I am using the simple authentication thing.,,.. Using this in config file.... <authentication mode="Forms"> <forms name=".COOKIE" loginUrl="login.aspx" protection="All" path="/" timeout="480"/> </authentication> <authorization> <deny users="?"/> <allow users="*"/> </authorization> The user who is not logged in should be sent back to login.aspx. BUT currently it is not happening. User is able to go to any page. While it is working well in my local but not working on server. What is the thing

问题 I am trying to implement a Web Application Project where my web pages can check the server for the Authentication ticket expiration date/time using AJAX. I am using Forms Authentication with slidingExpiration. The problem I run across is I can't figure out how to check the value without resetting it. I created a simple page - CheckExpiration.aspx - below is the code behind: private class AjaxResponse { public bool success; public string message; public string expirationDateTime; public string

问题 So, I've been coding for a little (2 years), and I have a very subjective question: Is it wrong to use $_REQUEST for Data? This mainly pertains to authentication by the way. If you think about the 3 ways data can occur in $_REQUEST , it can come from either a cookie, a form, or a query string. Now, I know that most people directly grab the information from either $_POST or $_GET , using $_COOKIE only when they are expecting a cookie. My theory is that in reality, there shouldn't be any

问题 I think creating a simple user-registration on Orchard CMS should be easy? What I need is a simplest set of steps that need to be followed to use basic user registration/authentication in my test app, something similar to http://orchardproject.net/gallery/Users/Account/Register. I've been scanning through google results on this, but most only talk of customization through external modules, I dont think I'll need external modules for a simple user authentication mechanism? Register/ Login/

问题 In our company, we have a large base of application built with Asp.net Web Forms 4.0 that use forms authentication as a single-sign-on authentication. Configured something like this: <machineKey decryptionKey="..." validationKey="..." /> <authentication mode="Forms"> <forms cookieless="UseCookies" loginUrl="/url/to/login" /> </authentication> Last times we are working on some projects that use Owin Cookie authentication. According to the searches I did, both methods are not compatible.

问题 Building an ASP.NET intranet application which will authenticate domain users using Windows authentication so there is no need to login. Some users will be accessing the site over wifi and these users will not be authenticated on the domain. Therefore for these users only I need to present a login screen and authenticate them with AD using an LDAP connection (i.e. Forms authentication). I've been hunting around for a reliable solution. There are numerous SO questions (here, here, here, many

问题 I am using forms authentication. My users are redirected to a page (written in web.config) when they login, but some of them may not have the privilages to access this default page. In this case, I want them to redirect to another page but RedirectFromLoginPage method always redirects to the default page in web.config. How do I make the users login, and then redirect to a page which depends on some criteria? 回答1: The SetAuthCookie allows you to issue the auth cookie but retain control over

问题 Could anyone please tell me, how can I handle the j_security_check servlet in Form based authentication in java? Do I have to map the servlet class with j_security_check name in web-xml file like: <servlet> <servlet-name>Anyname</servlet-name> <servlet-class>Anyclass</servlet-name> </servlet> <servlet-mapping> <servlet-name>Anyname</servlet-name> <url-pattern>/j_security_check</url-pattern> </servlet-mapping> If I enter the user name and pasword, and click on submit, then how will servlet

问题 I have a website using Forms Authentication on domain1.com. I've been asked how a login page can be developed on domain2.com which logs the user into domain1.com and redirects them to the domain1.com homepage (domain2.com has no membership system and is purely an alternative page to log in to domain1.com from). Is this possible out of the box or would I need to develop a page on domain1.com which authenticates the login request from domain2.com? 回答1: Yes, you can reuse the auth page. Create a