forms-authentication | 易学教程

Access ASP.NET authentication ticket on Client (via javascript)

阅读更多关于 Access ASP.NET authentication ticket on Client (via javascript)

问题 I have an ASP.NET website that uses Forms authentication <authentication mode="Forms"> <forms name="NewsCoreAuthentication" loginUrl="~/Default.aspx" defaultUrl="~/Default.aspx" protection="Validation" timeout="300" domain="someRootDomain.com" /> </authentication> I need to identify if user is authenticated on web page after it was rendered to client. To accomplish this I thought that I can read document.cookie and check if ".ASPXAUTH" is there. But the problem is that even if I am signed in

Programmatically check if page requires authentication based on web.config settings

阅读更多关于 Programmatically check if page requires authentication based on web.config settings

问题 I would like to know if there is a way to check if a page requies authentication based on the web.config settings. Basically if there is a node like this <location path="account"> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> </location> then I would like to check on any page if it requires authentication or not and to return true if it is under the account directory. Is this possible? 回答1: The solution is to create an anonymous identity (principal), and pass

saving the login name as current user identity in asp.net

阅读更多关于 saving the login name as current user identity in asp.net

So I'm making a asp.net login. I want the login name that people use to match an id in my SQL database. So that I can retrieve their information. But currently when I use the code below, from which I get the name of the computer I am currently on. However I would like the user Identity to be what they write in the username textbox at the login screen. If HttpContext.Current.User.Identity.IsAuthenticated Then Dim userName As String = HttpContext.Current.User.Identity.Name Response.Write(userName) End If So I looked for it on net and I think it might have something to do with my web.config file.

Cache ASP.NET page for anonymous users only

阅读更多关于 Cache ASP.NET page for anonymous users only

问题 Is there an easy way to cache ASP.NET whole page for anonymous users only (forms authentication used)? Context: I'm making a website where pages displayed to anonymous users are mostly completely static, but the same pages displayed for logged-in users are not. Of course I can do this by hand through code behind, but I thought there might be a better/easier/faster way. 回答1: You could use VaryByCustom , and use a key like username . 回答2: I'm using asp.net MVC, so I did this in my controller if

Global OnLoggedIn event in ASP.net?

阅读更多关于 Global OnLoggedIn event in ASP.net?

问题 Is there a way to be notified when a user becomes logged in with an ASP.net website? Note : A user can become logged in without visiting a "login page". If the "remember me" cookie exists, they can hit an arbitrary page and be logged in. When a user is logged in i want to fetch some session related information. Note : There is the Login.LoggedIn event. Problem is that that control doesn't exist on every page; and the one page it is present on ( Login.aspx ) doesn't call OnLoggedIn event. In

Accepting ASP.NET Forms Authentication cookies in an OWIN-hosted SignalR implementation?

阅读更多关于 Accepting ASP.NET Forms Authentication cookies in an OWIN-hosted SignalR implementation?

问题 I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication. Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application? Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used

single sign on in asp.net

阅读更多关于 single sign on in asp.net

问题 We have developed implemented single sign on methodology to authenticate user. When a page is requested, if it is not authenticated then a login page will be redirected. Once they logged in the requested page will be shown. this is working when we don't assign a domain to the virtual directory. But when we assign the domain to virtual directory after the authentication the application is not redirecting to the requested page. We are using FormsAuthentication.GetRedirectUrl method to redirect

FormsAuthenticationTicket expires too soon

阅读更多关于 FormsAuthenticationTicket expires too soon

问题 This is my function that is called when a login is successful. (I am very new to this FormAuthentication thing) public static void CreateLoginCookie(User u) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(u.Id.ToString(), true, 9*60); string encryptedTicket = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) { Expires = DateTime.Now.AddHours(9) }; HttpContext.Current.Response.Cookies.Add(cookie); }

How do I customize the Forms Authentication cookie name?

阅读更多关于 How do I customize the Forms Authentication cookie name?

问题 I have 2 websites running on localhost in different ports. As browsers do not differentiate port numbers when sending cookies, my forms authentication ticket from one site is being sent to the other How do I solve this? I thought that a good solution would be to change the forms authentication ticket or one of the websites but I don't know how to do this. 回答1: In your web.config: <authentication mode="Forms"> <forms name="{WhateverCookieNameYouWant}" loginUrl="LogOn.aspx" /> </authentication>

How to store confidential PDF documents (file system vs. SQL) if we only use forms authentication

阅读更多关于 How to store confidential PDF documents (file system vs. SQL) if we only use forms authentication

So here's my situation. We have a web app that handles case management. For each case, there are typically several PDF documents. My company previously stored these documents in a standard filing cabinet. This made things a headache when we had to look up a case as we'd go to the web app, find the case information, then go to the filing cabinet. I want to develop a method so that users can upload the documents via the web app and link them together, so that when you find it on the web app you can just click a link to get the associated files. On the web app, we utilize forms authentication.