forms-authentication

问题 I have a basic ASP.NET MVC 4 site which I am hosting on Azure websites. The authentication is forms authentication and has not been customised from the default template. Every time I publish, when I revisit my site, it just hangs with a very long timeout (couple of minutes perhaps) before finally showing me an error message. I can recover by deleting the cookies for the site in my browser and reloading. Initially the problem was just trying to access pages that required authentication, but

问题 I have a FormsAuthentication cookie that is persistent and works independently in a development, test, and production environment. I have a user that can authenticate, the user object is created, the authentication cookie is added to the response: 'Custom object to grab the TLD from the url authCookie.Domain = myTicketModule.GetTopLevelDomain(Request.ServerVariables("HTTP_HOST")) FormsAuthentication.SetAuthCookie(authTicket.Name, False) Response.SetCookie(authCookie) The user gets processed a

问题 hundreds of hits for these keywords, but nothing that is totally relevant. So my web server is behind a load balancer. The web site is exposed by SSL. When I open my logon page https[mydomain]/app/somepage.aspx, I am redirected to http://[ip address of server]/app/somepage.aspx. I tried the follwing Setting the loginurl to https[mydomain]/app/somepage.aspx, doesnt work tried fiddling with the binding in iis, but there's an issue that forces us to use appcmd to set the hostname, but nothing

问题 I am developing a login page. On successful login, the user will be redirected to a different page. In the form, I have kept form attribute method="post" because I do not want the username and password to appear on the url. However, on successful login, when this.router.navigate(['post']); is executed, I am getting the error "cannot POST /post". If I write method="get", things are working but the username and the password are appearing on the url. Please let me know what would be the correct

问题 I receive the following request error from my WCF Rest web service when using forms Authentication and Authorization. It works fine without the Authentication and Authorization:- "The server encountered an error processing the request. Please see the service help page for constructing valid requests to the service." Its built in .net 4 so no .svc file, here is the service code:-- namespace WcfRestService1 { [ServiceContract] [AspNetCompatibilityRequirements(RequirementsMode =

问题 I am trying to implement a custom role manager in an MVC5 application using the following Custom Role Provider Tutorial. I have created my Custom Role Provider overiding the 2 required functions. namespace Models.Security { public class CustomRoleProvider : RoleProvider { /// logic public override string[] GetRolesForUser(string username) { /// logic public override bool IsUserInRole(string username, string roleName) { I then need to alter my web config to use this new provider... <system.web

问题 With ASP.NET 4 and Forms Authentication: Is it possible to use one database to store data for: Authentication of users (Using Forms authentication) Role Management (Need Admins, and Member roles with various access levels) Data used throughout the webiste, user preferences etc I read that the database used as the Authentication provider needs to follow a specific schema, does this mean no other tables and data can be added to the SQL Database being used, or just that the tables storing data

问题 We have a FluorineFx / ASP.Net application which uses forms authentication to identify the current user. To use these credentials in FluorineFx, we use FluorineContext.Current.User.Identity . When I log in the first time, the current context neatly reflects the right identity. When I log out, I perform a FormsAuthentication.SignOut() and a Session.Abandon to invalidate both the user credentials and the session. But when I log in again as another user, FluorineContext.Current.User.Identity

问题 I need an area in my website where only certain users can view. What I did was create a Video folder. Under that foler I have folders One called Login and the other called WatchVid. In the Login folder I have a page called Login.aspx. Once the user logins in they will then go to /WatchVid/Watch.aspx Below is a representation: Video Folder | | ----> Login Folder | | | | | ---> Login.aspx | ----> WatchVid Folder | | --->Watch.aspx I have the following web config file in my WatchVid to only

问题 I'm looking to put SSL into place to prevent cookie replay attacks on our site. The site is using .NET forms authentication. Do I just need to enable SSL for the login page or would it be every page behind the forms authentication that needs to be secure? THanks 回答1: You would need to enable SSL for every page where the browser is instructed to send the authentication ticket cookie. By default, that would mean every page on your website, although when writing the cookie to the browser you can