Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Q: form authentication complete?

Reply
Thread Tools

Q: form authentication complete?

 
 
=?Utf-8?B?SklNLkgu?=
Guest
Posts: n/a
 
      06-24-2005
Hello,
I used this site to do form authentication
http://msdn.microsoft.com/library/de...l/secmod17.asp

My code successfully comes to the point:
if (passwordVerified == true )
{
// The user is authenticated
// At this point, an authentication ticket is normally created
// This can subsequently be used to generate a GenericPrincipal
// object for .NET authorization purposes
// For details, see "How To: Use Forms authentication with GenericPrincipal
// objects
lmsg.Text = "Logon successful: User is authenticated";
Server.Transfer("MyMainPage.aspx", true);.
}

As you see, I do not do anything after that and switch to my main page by
using Server.Transfer("MyMainPage.aspx", true);. My problem is, even if I
have anonymous access and integrated windows checked, I get prompt to login
when I go to my main page. Maybe I should cerate ticket here to complete
authentication. If that is the case, how can I do that?

 
Reply With Quote
 
 
 
 
=?Utf-8?B?Q293Ym95IChHcmVnb3J5IEEuIEJlYW1lcikgLSBNVlA=?=
Guest
Posts: n/a
 
      06-24-2005
If you use Windows security to secure files, you will have to log in to
access the files. The same is true if you set the config file up to check
whether the user is valid for certain pages. Even with anon access on, you
will end up with a security check if the app is configured to check.

If you would like to have an app on a domain that automatically logs people
in, that is a setting in Internet Explorer. The best way to facilitate is to
talk to the network admins and have them push it.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************


"JIM.H." wrote:

> Hello,
> I used this site to do form authentication
> http://msdn.microsoft.com/library/de...l/secmod17.asp
>
> My code successfully comes to the point:
> if (passwordVerified == true )
> {
> // The user is authenticated
> // At this point, an authentication ticket is normally created
> // This can subsequently be used to generate a GenericPrincipal
> // object for .NET authorization purposes
> // For details, see "How To: Use Forms authentication with GenericPrincipal
> // objects
> lmsg.Text = "Logon successful: User is authenticated";
> Server.Transfer("MyMainPage.aspx", true);.
> }
>
> As you see, I do not do anything after that and switch to my main page by
> using Server.Transfer("MyMainPage.aspx", true);. My problem is, even if I
> have anonymous access and integrated windows checked, I get prompt to login
> when I go to my main page. Maybe I should cerate ticket here to complete
> authentication. If that is the case, how can I do that?
>

 
Reply With Quote
 
 
 
 
=?Utf-8?B?SklNLkgu?=
Guest
Posts: n/a
 
      06-24-2005
I could not believe that nobody is able to answer this question. This whole
concept of authorization, authentication, IIS are complex. Microsoft should
come up with better simple way of handling these issues. High level security
is important but if you have to know all details to have it, then you are
actually missing the whole point of security. It should be implement-able
easily.

Anyway, I put this line
FormsAuthentication.SetAuthCookie(txtUserName.Text ,false);
before server transfer, it works fine.

"JIM.H." wrote:

> Hello,
> I used this site to do form authentication
> http://msdn.microsoft.com/library/de...l/secmod17.asp
>
> My code successfully comes to the point:
> if (passwordVerified == true )
> {
> // The user is authenticated
> // At this point, an authentication ticket is normally created
> // This can subsequently be used to generate a GenericPrincipal
> // object for .NET authorization purposes
> // For details, see "How To: Use Forms authentication with GenericPrincipal
> // objects
> lmsg.Text = "Logon successful: User is authenticated";
> Server.Transfer("MyMainPage.aspx", true);.
> }
>
> As you see, I do not do anything after that and switch to my main page by
> using Server.Transfer("MyMainPage.aspx", true);. My problem is, even if I
> have anonymous access and integrated windows checked, I get prompt to login
> when I go to my main page. Maybe I should cerate ticket here to complete
> authentication. If that is the case, how can I do that?
>

 
Reply With Quote
 
joey.powell@topscene.com
Guest
Posts: n/a
 
      06-25-2005
from... "System.Web.Security" namespace

FormsAuthentication.RedirectFromLoginPage("SomePag e.aspx")

This will work by parsing a querystring in Login page's URL. There are
also some entries in web.config that have to be set.

Let the forms security do the redirect/transfer. Do not do it
explicitly. Examples on gotdotnet.com.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to retrieve form field value if form is EncType=multipart/form-dataForm? Li Zhang ASP .Net 4 02-27-2009 01:23 AM
HTTP basic authentication with form-based authentication Max Python 2 08-08-2008 06:16 PM
Changing Basic Authentication to Form-Based Authentication Dom Java 0 10-18-2004 03:30 PM
From Basic Authentication to Form-Based Authentication Dom Java 0 10-15-2004 09:50 PM
authenticate win32 form client with form based authentication web services kitchai yong via .NET 247 ASP .Net Web Services 1 05-13-2004 05:01 AM



Advertisments