forms-authentication

问题 I have a site where I have a admin.aspx page. Once the user has logged into the Admin.aspx page successfully, they will then be redirected to the Report.aspx page. Note that the Report.aspx page cannot be accessed without first successfully logging into Admin.aspx page. Keep in mind that there are other pages like index.aspx, etc which any user can view without logging in. I just need the authentication for JUST the Report.aspx page. I have the following code but does not seem to work as it

问题 We have an application that is currently required to be accessed using two authentication schemes, Forms Auth and Active Directory or NTLM / Windows Auth. The way the application is now, there are two IIS sites pointing to different folders with the same set of files, everything identical except the web.config. Before anyone flames me this was an inherited application, but nevertheless one I am now responsible for. We have an opportunity to do some refactoring and I'm trying to figure out the

问题 I've got a website that hosts many asp.net applications. Some of written in MVC2, some are written in MVC3, some are not written in house and binary deployed (although we can find source code) and many many more are written in ASP.Net 2.0 webforms. Across all of these sites we use a single login page from a login application. We can do this because all applications share: The same application pool The same machine key The same login cookie name My problem is they also share the security

问题 I'm saving http header cookie/sessionid information when calling a login webmethod so I can send it back on subsequent webmethod calls secured by formsauthentication. I think I just need to know the proper header values to save so and send them back. I'm calling these services from an android app using ksoap2. When I step through the code when calling login. I see two Set-Cookie header items: Set-Cookie ASP.NET_SessionId=wblzzrtfmli4blku2dslw5iw; path=/; HttpOnly Set-Cookie .ASPXAUTH

问题 I will soon be starting on a new web project that consists of 2 main areas. Forums / Community Recruitment Until now, I've always used straightforward Forms Authentication on my community websites, and that one method of authentication, with that one cookie/ticket has been used throughout the website (with varying roles per user also stored in the ticket). I haven't used the built in LogIn controls and instead have always just created my own login/registration form, and written the code to

问题 I am trying to get FormsAuthentication to work with my Razor app (MVC 3). I have a LoginController that calls my LoginPage (which is in Views/Shared); my web.config has LoginUrl set to "/Login/". When the app tries to bring up the main page, the [Authorize] line brings up LoginPage correctly, but that's where the problems start. Here's my LoginController.cs: using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Mvc; namespace ABMCEditAndReports

问题 I started a new MVC5 project and am implementing forms authentication (which I used to do using custom code to check the user credentials and the FormsAuthentication object to login and logoff). Now I've read that the identity model has changed, but I saw this line of code in the generated code: private IAuthenticationManager AuthenticationManager { get { return HttpContext.GetOwinContext().Authentication; } } Because later on the login is done on that object ( AuthenticationManager.SignIn )

问题 I have 2 web applications: one is an ASP.Net web app and the other is an ASP.Net WCF web services application. I want to the web app to the WFC web app's consume services. Eventually, these 2 apps will be communicating over a firewall. I want the user to log on to the client web app using forms authentication, authenticated by the wcf service, and then to be able to access service resources based on his roles. So far I have managed to log on using System.Web.ApplicationServices

问题 I have a domain www.foo.com and sub domain www.bar.foo.com . A user logs in at www.foo.com and is redirected to www.bar.foo.com . The site at the sub domain is a different website, and even though the cookie is being passed across correctly in the subsequent requests to both the primary and sub domain, the authentication on the sub domain isn't working. Both sites share the same machine key information and the web config for the two sites are configured as: www.foo.com: <authentication mode=

问题 So here's my situation. We have a web app that handles case management. For each case, there are typically several PDF documents. My company previously stored these documents in a standard filing cabinet. This made things a headache when we had to look up a case as we'd go to the web app, find the case information, then go to the filing cabinet. I want to develop a method so that users can upload the documents via the web app and link them together, so that when you find it on the web app you