FAQ Database Discussion Community


Login session never expires

c#,asp.net,cookies,forms-authentication
I am creating a HttpCookie in my AccountController during the login process like so FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe); When model.RememberMe is false I notice that I am never logged out, even if I restart the browser. Shouldn't the session expire after 20 minutes or on closing the browser? I also, during the...

FormsAuthentication encrypt / decrypt

asp.net,encryption,forms-authentication,asp.net-4.5
I have 2 applications, one called www.domain.dk and a m.domain.dk Both of them has a login function (identical), but if you login on m.domain.dk and goes to www.domain.dk then it needs to remember that you have already logged in. And here comes the problem.. www throws and error saying that...

CurrentPrincipal.Identity.IsAuthenticated is true even after signout when FormsAuth cookie domain set manually

asp.net-mvc,forms-authentication
Refering to sharing cookie in subdomains I implemented jro's answer and it worked for sign in. (sharing the cookie in different sub domains) However with this change effected the signout process. Please refer to the SignOut and SignIn code I shared below. The issue is that in the signout process...

Asp.net share forms authentication by two applications in the same domain

asp.net,authentication,cookies,subdomain,forms-authentication
I have two applications in the same domain: mydomain/app1 and mydomain/app2, and I need to share authentication between them. One app is in Asp.Net WebForms, and the second is using WebApi2. I configured web.config like below: App1: <authentication mode="Forms"> <forms loginUrl="/Login.aspx" defaultUrl="/Default.aspx" name=".ASPXFORMSAUTH" protection="All" cookieless="UseDeviceProfile" slidingExpiration="true" path="/" domain="mydomain" requireSSL="false" timeout="60"...

Web Service Call for ADFS 2.0 Authentication

asp.net,asp.net-mvc,wcf,forms-authentication,adfs2.0
I have an ASP.NET MVC web app that uses ADFS 2.0 for authentication. Some of the MVC controller actions function as generic web service endpoints, receiving and serving JSON. I want to build a client application that automates some of the app's functionality. For that purpose, I am building an...

Getting the # route in from the Request in a controller in ASP.Net MVC

c#,asp.net,asp.net-mvc,asp.net-mvc-4,forms-authentication
I have an ASP.Net MVC web site using Forms authentication, with the loginUrl set to a Url which is used for authentication in the web.config. The login process calls the login controller which goes through a SSO process where it does a redirect etc and the log process works correctly...

MVC 5 with owin cookie middleware - owinContext.Authentication.sign in not issuing cookies

asp.net,asp.net-mvc,cookies,forms-authentication,owin
I am using MVC 5.2 and am trying to get the Owin cookie middleware working. In my login controller i do the following: public class LoginController { [AllowAnonymous] public ActionResult Login(LoginViewModel loginViewModel) { //authenticate .... var claims = new List<Claim> { new Claim(ClaimTypes.Name, "abc"), new Claim(ClaimTypes.Email, "[email protected]") }; var id...

about forms authentication and redirect

c#,asp.net,webforms,forms-authentication
Every time I try to Response.Redirect("tothepageIwant.aspx"); tt takes me to ~/Account/Logon.aspx Why is this happening? I'm using Forms Authentication, with a custom method of authenticating, using PrincipalContext.ValidateCredentials. If the credentials are valid, I want to Redirect.Response to the page I'm allowing the user to reach. Instead, anytime I successfully login,...

Bridging forms authentication and OAUTH

oauth,forms-authentication,thinktecture-ident-model
It's not hard to modify the forms authentication login process so that in addition to normal forms authentication, a WebClient object does basic authentication to the api/token url served by a Web Api DAL set up with Thinktecture IdentityModel. The returned session token can then be stored in the Session...

Persistent AuthCookie is set but being redirected to login

c#,asp.net,forms-authentication
I'm having problems with using a persistent AuthCookie. The validation and login works perfectly and if i close the browser and re-open it the authentication is still valid no redirect to the login page is done. I'm not sure what the exact time is but let's say that if close...

MVC 5 - authorisation blues with forms authentication

asp.net-mvc,forms-authentication
With WebForms I don't have a problem with forms authentication, but it's giving me grief in MVC 5 Added Secure to Areas, then Landing and Login In the main web.config file added this under system.web (also variants like ~/Secure/Login) <authentication mode="Forms"> <forms loginUrl="Secure/Login" /> </authentication> And sub web.config file (under...

Custom MVC Authentication without SetAuthCookie()

c#,asp.net-mvc,cookies,asp.net-mvc-5,forms-authentication
Because of the requirements of my project, I'm wanting to provide custom authenticate for my MVC controller actions. Therefore, I will not be using SetAuthCookie(). Intially I set a cookie as follows; string userData = EncDec.MakeString(user.Email + "|" + user.UserId); //the Cookie and FormsAuthenticationTicket expiration date/time is the same DateTime...

Error deploying database to SQL Azure

sql-server,azure,forms-authentication,sql-azure
I'm using forms authentication to handle users and attempting to deploy my database to SQL Azure, but getting this error message: The only table of the four listed that I utilize is aspnet_Membership, and the only other table I use is aspnet_Users from implementing forms authentication. What is TextInRowSize and...

Custom sign in not working

asp.net-mvc,razor,forms-authentication
I have created so a user can register, and his info is stored in the database. I now click on the log in, and type in the user credentials, and these will be retrieved as it should. But the system doesn't know that the user is logged in, e.i. if...

How to make satellizer use absolute url's?

angularjs,controller,forms-authentication,oauth-provider,satellizer
I'm making a signup form using satellizer. But it does not go to the right urk My console displays the following POST http://localhost:8000/http://104.236.150.55/auth/register 404 (Not Found) view2.js:185 Not found This is my config.js .config(['$routeProvider', '$locationProvider', '$authProvider', function($routeProvider, $locationProvider, $authProvider) { $routeProvider //for Landing page .when('/view2', { templateUrl: 'view2/view2.html', controller: 'View2Ctrl'...

Jetty JDBCLoginService doesn't pick up password changes?

java,servlets,jetty,forms-authentication
I'm successfully using the Jetty JDBCLoginService for FORM authentication (just as described in the Jetty configuring security authentication page). The first time a user logs in the JDBCLoginService caches the user password details (if you follow the logic through from JDBCLoginService.loadUser(String) you pretty quickly get to the user identity being...

Access Login Control from Different Page

c#,asp.net,webforms,forms-authentication
I have a website in C# where users are authenticated to a SQL database via login control. Everything is working fine currently as I'm using the web.config to to direct to the Login.aspx page if the user isn't logged in. What I would like to do though is access the...

What are possibilities that timeout is ignored when using forms authentication?

asp.net,asp.net-mvc,forms-authentication
We are running a MVC application on .NET 4.5 and I am playing with the session timeouts of sessionState and forms authentication: web.config: <system.web> <sessionState timeout="1"></sessionState> <compilation debug="true" targetFramework="4.5" /> <httpRuntime targetFramework="4.5" /> <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2" /> </authentication> <!-- some more tags ... --> </system.web> According to this,...

asp.net get user information from xmlhttp requests

asp.net,ajax,forms-authentication
I am working on an application where certain actions are performed using ajax requests to a backend api page, such as adding likes to content. The javascript function will pass the user ID and content ID to the api page in an xmlhttp request. We use Forms Authentication with Active...

MVC Identity 2 using FormsAuthenticationTicket

asp.net-mvc-5,forms-authentication,asp.net-identity-2
I am replacing the (HttpContext.Current.User) IPrincipal with a custom version so I can store more information login and the user. I have done this before using the FormsAuthtenticationTicket, but those other ways were based on the Memberhipship and SimpleMembership providers. My question is, can i use the FormsAuthenticationTicket to store...

Trouble retaining CustomPrincipal type in HttpContext

asp.net-mvc,authentication,forms-authentication
I have an MVC app which I'm having trouble ex[posing a custom principal to my views. It has the following classes that help me manage auth cookies. public class AuthenticationManager { public void SetAuthCookie(UserViewModel user) { var serializeModel = new CustomPrincipalSerializeModel { Id = user.UserId, Email = user.Email, Name =...

ASP.NET MVC FormsAuthentication check if user logged in

asp.net,asp.net-mvc,forms-authentication
I want to show some div at the view only if user has logged in. That's how I tried to do it: @{ if (Request.IsAuthenticated) // if (User.Identity.IsAuthenticated) { <div> Some content only for logged in users. </div> } } But Request.IsAuthenticated (and User.Identity.IsAuthenticated) is always true, even in the...