Search results matching tag 'authentication'

Re: Web Site .NET C# for mobile - Error in session ?

meliweb — Mon, 14 Dec 2009 05:00:00 GMT

Thanks for your answer, but I'm a bit surprised. Why would Microsoft add "Mobile Page" in their templates in Visual Studio if it's working better with usual .aspx pages ?

Except for the sessions variables, the application is working fine. I might send variables threw pages instead of sessions variables if really I can't to anything else. The login page with an autentification cookie is working fine, the variable is not lost when using the mode "StateServer".

Re: delete and edit confirmation

aquaren — Sat, 05 Dec 2009 05:00:00 GMT

The best way to implement this is to authenticate the user before they get to the page that contains the grid view. If the user is not authorized to edit or delete, either conditionally hide the column that contains those buttons, or do not allow them access to the page. This will improve the use experience dramatically. The last thing a user wants is to be repeatedly prompted for credentials.

Re: Authorising Customer Access

aquaren — Sat, 05 Dec 2009 05:00:00 GMT

This is one of those situations where you are going to have to politely and diplomatically explain to your client that this is just not possible. They are expecting you, as a professional, to provide solutions. That solution may not always be what they envision, but it still provides the functionality they need to satisfy their business goals.

Re: Login Failed with Windows Authentication

aquaren — Wed, 02 Dec 2009 05:00:00 GMT

Is the error an problem with authentication to the SQL Server or authentication to the web application? I have seen issues like this in the past with users who've checked the "save my password" box in the login dialog box and later changed their passwords, not realizing the dialog box was using their old saved password.

Moving to AD in existing .NET site?

robt1 — Wed, 18 Nov 2009 05:00:00 GMT

AD Question (Moving to AD in existing .NET site?):

I am working on an intranet/extranet site that is currently using forms authentication and the .NET membership database. We are

considering making the shift to AD for the internal (intranet) users but would like to keep the external (extranet) users in the

membership database. The intranet and extranet are sub domains on the same server.

1. Are there any issues with the basic configuration described above?

2. We would like to continue using forms authentication for the extranet users. Any issues with running windows authentication for the

intranet and forms authentication for the extranet site on the same server? Or, are we better off using forms authentication for both?

3. I'm struggling a bit with how best to add new users and keep AD in sync with our intranet/extranet SQL Server db. We are storing

quite a bit of our user data in our SQL server intranet/extranet db as opposed to the membership db. Currently we store the

"userproviderkey", generated by .net membership provider, in our intranet/extranet db to sync to 2 databases. How are sites typically

handling this when using AD? And, I assume we'd add a new user to AD first, then from the intranet find the user in AD and create a

"sync'd" record in our sql db?

4. We would administer roles in AD and only touch them in the intranet to authorize. Any issues here?

Thanks for your help!

I am working on an intranet/extranet site that is currently using forms authentication and the .NET membership database. We are considering making the shift to AD for the internal (intranet) users but would like to keep the external (extranet) users in the membership database. The intranet and extranet are sub domains on the same server.

1. Are there any issues with the basic configuration described above?

2. We would like to continue using forms authentication for the extranet users. Any issues with running windows authentication for the intranet and forms authentication for the extranet site on the same server? Or, are we better off using forms authentication for both?

3. I'm struggling a bit with how best to add new users and keep AD in sync with our intranet/extranet SQL Server db. We are storing quite a bit of our user data in our SQL server intranet/extranet db as opposed to the membership db. Currently we store the "userproviderkey", generated by .net membership provider, in our intranet/extranet db to sync to 2 databases. How are sites typically handling this when using AD? And, I assume we'd add a new user to AD first, then from the intranet find the user in AD and create a "sync'd" record in our sql db?

4. We would administer roles in AD and only touch them in the intranet to authorize. Any issues here?

Thanks for your help!

Binding with trusted user credetials via LDAP protocol

egp_qumu — Wed, 18 Nov 2009 05:00:00 GMT

I am wondering, if I have a trust set up bewteen domains, is it possible to do a bind (for authentication purposes) of a user from the the trusted domain to the trusting domain? That is I have domaina/user1 and they are logging into our application, which is configured to work with domainb -- there is a two way trust between domaina and domainb -- so I would like to take the credentials given to me by domaina\user1 and bind to domainb to authenticate them.

Also, when I do a search of domainb through the global catalog and I get a referal to domaina, I would like to be able to follow those referrals with credentials I originally used to bind to domainb (which are credentails from a user in domainb -- i.e. user2@domainb.com)

So are these scenarios possible (I am binding via the Java's JNDI API)? What configuration do I have to do to enable such binding to take place?

The request failed with HTTP status 401: Unauthorized while calling CRM Dynamics web service

Kbergeron — Wed, 18 Nov 2009 05:00:00 GMT

We got a little very tricky probleme while calling the CRM Dynamics web service. There the code we try to run :

(Got some probleme to provide the code please see this post to to it : http://social.microsoft.com/Forums/en-US/crm/thread/5bf62780-cb26-41d5-9f4a-1f41d593e6a2)

The point is that this code work perfectly in a consol app but when we do the call in our WCF web service application an 401 exception occure. Pleae not that the test are made on the same machine with exactly the same code and with the same crn address (the one from the crm dynamic discovery service) and the same WSDL reference.


Please help!

Auditable SQL Transaction using Windows Authentication

lookitstony — Tue, 17 Nov 2009 05:00:00 GMT

This is the ticket I just submitted to Microsoft, I figured I would post here maybe one of you awesome people can help me :)

I have been requested to create an ASP.NET webpage that authenticates from Active Directory. This website will also be accessing SQL Server databases that have security groups from Active Directory setup for their permissions. We need to be able to authenticate a user from Active Directory, check the groups they are in to determine their access, and then have any database interaction be executed from the logged in user.

I have created a user control using your Active Directory login procedure from http://msdn.microsoft.com/en-us/library/ms180890%28VS.80%29.aspx and they work well. I can authenticate the users credentials and groups and I used the script from http://support.microsoft.com/kb/306158 to perform impersonations with the credentials gathered from my login form. This is doing exactly what I want as far as logging in and authenticating through Active Directory, comparing groups, and impersonating the authenticated user so SQL interactions are executed with their credentials.

The problem I am having now is security, I had another user login while I was logged in and I ended up running the site under his credentials. When I went to the database portion of the site it denied me because it was trying to operate under his credentials. I have since then added an impersonate method to every “ING” (selecting, updating, deleting) event of the SQLdatasource control and an unimpersonate to every “ED” (selected, updated, deleted) event. From my observations it seems as if the impersonation is actually temporarily changing my IIS anonymous account for every user that accesses the website. This is where I become concerned, I have added the impersonations now so impersonation will happen only at the beginning of a SQL transaction and will end at the end of the SQL transaction. My concern is that if more than 5 people are on the site at any one given time they run a chance of trying to impersonate while someone else is impersonating.

I feel I am heading in the right direction but I cannot seem to find any other way to do this that would be more secure. I have spent countless hours researching and testing just to get this far and I feel it is futile now with the recent security concern.

Please explain to me a better more secure way of doing what I am trying to do. Help me understand what I can do to accomplish this task. I know we are not the only company out there who wants to implement auditable SQL tracks while authenticating through Active Directory. Please point me on to the right path to accomplish this.

Re: Windows authentification and Forms authentification with Active Directory = different results with User.Identity.Name

skoub — Wed, 11 Nov 2009 05:00:00 GMT

for now, my workaround is when im with Forms Authentification, i add "domain\" to my FormsAuth.SignIn. So when i use User.Identity.Name, i get "domain\username" and when i add a role to this user, it will be written the same way as if i was in Windows Authentification mode.

if people have other ideas, it would be great to know it. Maybe theres a better way to handle this.

public ActionResult LogOn(string userName, string password, bool rememberMe, string returnUrl)
        {

            if (!ValidateLogOn(userName, password))
            {
                return View();
            }

            FormsAuth.SignIn("domain\" + userName, rememberMe);
            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }

User Log In Authentication fails every time!

immanuelx2 — Tue, 10 Nov 2009 05:00:00 GMT

Hello all.

Working on a project for class here in ASP.net through Visual Studio.

I have a Login control, through which I have two users added (through the website administration). However, when I go back in to the program and try to log them in it always fails!

What gives?