I have a controller function which return the PartialView. In this function, i checked the login field match with my database for a particular user then I called the FormAuthentication.setAuthCookie. In this partialView, I have a call User.IsAuthenticated but it was false.
I already call FormAuthentication.setAuthCookie before returning the partialView.
Why does the User.IsAuthenticated is still false. I am doing an ajax call so during the login process the will still on the same form even after the login as well.
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="1000"/>
</authentication>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
Related
We have a website that is protected with Forms Authentication in IIS. We would like to make one page in this website accessible to everyone without any authentication.
All the resources I saw mentions using tag but it's not working for us for some reason.
web.config:
<configuration>
<location path="public.htm">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="UserLogin.aspx" />
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</configuration>
Both public.htm and UserLogin.aspx are in the same folder. When we browse public.htm, we get 401.2.
If disable Forms Authentication, public.htm is accessible.
UPDATE (5/21):
Disabled Forms Authentication in but still getting 401.2 error.
<configuration>
<location path="public.htm">
<system.web>
<authentication mode="None" />
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="UserLogin.aspx" />
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</configuration>
It sounds just like your anonymous authentication has been disabled or your current login user don't have permission to view the public.htm.
If you are hosting it in VS, please ensusre Enabled anonymous authentication has been selected and you current logon user have permission to access the htm file.
If you are hosting it in IIS, please ensure anonymous authentication has been enabled and the authorization rule would looks just like
<authorization>
<deny users ="?" />
<allow users = "*" />
</authorization>
The authentication in applicationhost.config would looks like
<location path="Sitename">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
And the authorization rule for public.htm would be.
<location path="public.htm">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
Please remember to grant IUSER read permission to access public.htm.
I'm trying to use Image Resizer's AzureReader2 plugin to read images from blob storage. And it works fine when I try and retrieve the unedited image.
When I go to the following url it redirects to my local storage account where the image is stored
http://localhost:2000/azure/test/image.jpg
But when I navigate to the following I get "The image cannot be displayed because it contains errors"
http://localhost:2000/azure/test/image.jpg?width=400&height=400&mode=crop&borderWidth=10&borderColor=red
Here is what my web.config file looks like
<configuration>
<configSections>
<section name="resizer" type="ImageResizer.ResizerSection,ImageResizer" requirePermission="false" />
</configSections>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<httpModules>
<add name="ImageResizingModule" type="ImageResizer.InterceptModule" />
</httpModules>
</system.web>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
...
</assemblyBinding>
</runtime>
<appSettings>
...
</appSettings>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<!-- This is for IIS7/8 Integrated mode-->
<add name="ImageResizingModule" type="ImageResizer.InterceptModule" />
</modules>
</system.webServer>
<resizer>
<plugins>
<add name="MvcRoutingShim" />
<add name="AzureReader2" connectionString="UseDevelopmentStorage=true" endpoint="http://127.0.0.1:10000/devstoreaccount1/" />
</plugins>
</resizer>
</configuration>
Any ideas?
It seems as if the problem was to do with my Owin pipeline. The way I had the rest of my project set up it was being routed through Owin and was never able to reach the Image Resizer. I changed the set up of my project so that it wasn't routing through Owin.
I have a non logged web application that contain 50 pages, I need to have one logged page "testpage" How can do this:
<authentication mode="Forms">
<forms loginUrl="~/Login/LoginExpiration.aspx" defaultUrl="~/Home/Default.aspx" slidingExpiration="true" timeout="120" />
</authentication>
<authorization>
<allow users="?" />
</authorization>
<location path="testpage">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
In your config file location means not the page name but a folder.
Create a folder called testpage, place your page there and it will work
My web.config has this:
<system.web>
<customErrors mode="RemoteOnly" />
<authentication mode="Forms">
<forms loginUrl="~/Account/" />
</authentication>
Is there a nice way to get this loginUrl in the MVC code as a string?
If you search the web for for "asp.net get loginurl from web.config", you'll find:
System.Web.Security.FormsAuthentication.LoginUrl
I receive the following request error from my WCF Rest web service when using forms Authentication and Authorization. It works fine without the Authentication and Authorization:-
"The server encountered an error processing the request. Please see the service help page for constructing valid requests to the service."
Its built in .net 4 so no .svc file, here is the service code:--
namespace WcfRestService1
{
[ServiceContract]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall)]
public class Service1
{
[OperationContract]
[WebGet(ResponseFormat = WebMessageFormat.Json)]
public string GetHelloMessage()
{
return ("hello from web service");
}
}
}
Here is the web config code:--
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</modules>
</system.webServer>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<standardEndpoints>
<standardEndpoint name="" helpEnabled="true" crossDomainScriptAccessEnabled="true" defaultOutgoingResponseFormat="Json" automaticFormatSelectionEnabled="true"/>
</webHttpEndpoint>
</standardEndpoints>
</system.serviceModel>
<system.web>
<authentication mode="Forms">
<forms defaultUrl="Service1" timeout="20"
ticketCompatibilityMode="Framework40"
loginUrl="login.aspx" name=".Mobile-Rest-Api" cookieless="UseCookies"/>
</authentication>
<authorization>
<deny users="?" />
<allow users="*"/>
</authorization>
<!--<authentication mode="None"/>-->
</system.web>
<location path="login">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
</configuration>
Any help on this would be great, thanks in advance.
The problem is that you are using a authentication method that does not support a services call.
Forms authentication is used when a user is accessing a site, if the user is not authenticated he is directed to a login form, in which he fills out user name and password.
When a service is making a call, the service gets a redirect response, which it is not able to handle, therefore the error.
You need to select a different authentication method.