forms-authentication

I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication. Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application? Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used to log into a separate (but related, and installed on the same host) IIS application. So, the question

I'm learning MVC4 right now, and I am following the Pro ASP NET MVC4 4th edition book to create a Sports Store project. I have always developed in webforms, and I am trying to figure out how the forms authentication is working in MVC4. Here is what I have achieved: Web.Config <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880"/> </authentication> AccountController login Action: [HttpPost] public ActionResult Login(LoginViewModel model, string returnUrl) { if (ModelState.IsValid) { if (authProvider.Authenticate(model.UserName, model.Password)) { return Redirect

This is my function that is called when a login is successful. (I am very new to this FormAuthentication thing) public static void CreateLoginCookie(User u) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(u.Id.ToString(), true, 9*60); string encryptedTicket = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) { Expires = DateTime.Now.AddHours(9) }; HttpContext.Current.Response.Cookies.Add(cookie); } In the web.config I have <authentication mode="Forms"> <forms loginUrl="~/Default/Login" timeout="540"

I have a control that i've written that has a javascript component and a web service component. The problem i'm having is that the javascript is set to do: setInterval(this._checkAlertsHandler, this._messageCheckInterval * 1000); This calls a function which makes a webservice call like so: Alert.SiteAlertService.GetAlerts(this._receivedAlertsHandler, this._errorReceivedAlertsHandler); So this is using the web service javascript proxy methods to access the web service. The issue is that our application has forms authentication and a timeout value, so if the user is idle for too long it will log

In an MVC4 app, in a controller logic I want to check if the user is logged in. Should I use: User.Identity.IsAuthenticated Or: WebSecurity.IsAuthenticated As far as I know WebSecurity is just a wrapper. Should I use it or User.Identity has different functionality ? As far as I know WebSecurity is just a wrapper. That's correct, both are the same. Let's have a look at how the WebSecurity.IsAuthenticated property is implemented: public static bool IsAuthenticated { get { return Request.IsAuthenticated; } } and now let's look at how the the WebSecurity.Request static property is implemented:

I'm trying to encrypt some userData to create my own custom IPrincipal and IIdentity objects using Forms authentication - I've serialized an object representing my logged in user to Json and created my FormsAuthentication ticket like so: string user_item = GetJsonOfLoggedinUser();/*get JSON representation of my logged in user*/ System.Web.Security.FormsAuthenticationTicket ticket = new System.Web.Security.FormsAuthenticationTicket(1, WAM.Utilities.SessionHelper.LoggedInEmployee.F_NAME + " " + WAM.Utilities.SessionHelper.LoggedInEmployee.L_NAME, DateTime.Now, DateTime.Now.AddMinutes(30), false,

I have 2 websites running on localhost in different ports. As browsers do not differentiate port numbers when sending cookies, my forms authentication ticket from one site is being sent to the other How do I solve this? I thought that a good solution would be to change the forms authentication ticket or one of the websites but I don't know how to do this. In your web.config: <authentication mode="Forms"> <forms name="{WhateverCookieNameYouWant}" loginUrl="LogOn.aspx" /> </authentication> 来源： https://stackoverflow.com/questions/3631617/how-do-i-customize-the-forms-authentication-cookie-name

I am using spring security in my application where I am intercepting some URLs for authentication. Although URL "/securedMapping1" is prompting for user to login by displaying login page, the login, however, is not working. Even if I give the correct credentials, I am going back to login page with "Bad credentials" error by invoking URL for failed authentication i.e, authentication-failure-url="/login?error=true" is called every time regardless of correct/incorrect credentials. Could anyone help me figure out whats going wrong? Below is the code from important files: Web.xml <?xml version="1.0