This VS 2012 extension is meant to allow me to add a local Development STS to my MVC application http://visualstudiogallery.msdn.microsoft.com/e21bf653-dfe1-4d81-b3d3-795cb104066e
I follow the very simple instructions e.g. Right Click the project name and select Identity and Access in the menu. Select your Identity Provider and the OK to apply the settings to your web.config.
I run my MVC 4 application and it redirects immediately to login.aspx
I'm guessing there are special instructions for MVC 4.
What are they?
Where do I find them?
EDIT
To be clear I have created a ASP.MVC 4 Internet application in visual studio 2012. Then I am using the Identity & Access Tool to add a local development STS to Test my application.
I am running the site on a local IIS Express
When I debug the application I am redirected to
localhost:11378/login.aspx?ReturnUrl=%2f
This occurs even if I remove forms authentication as suggested in advice already given.
In my case I added this
<system.web>
...
<httpModules>
...
<remove name="FormsAuthentication" />
</httpModules>
</system.web>
and this
<system.webServer>
...
<modules>
...
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
EDIT
The next problem you might get is this
A claim of type
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'
or
'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider'
was not present on the provided ClaimsIdentity. To enable anti-forgery
token support with claims-based authentication, please verify that the
configured claims provider is providing both of these claims on the
ClaimsIdentity instances it generates. If the configured claims
provider instead uses a different claim type as a unique identifier,
it can be configured by setting the static property
AntiForgeryConfig.UniqueClaimTypeIdentifier.
add these 2 claims to the Development STS in the Identity and Access Tool
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider
and add this line to your Global.asax
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
This article helped me
Removing FormsAuthentication module worked for me.
<httpModules>
...
<remove name="FormsAuthentication" />
</httpModules>
I had a similar problem with my MVC4 application on local IIS Express.
It turned out that Windows Authentication was enabled for the project. Disabling Windows Authentication (in project properties pane -- press F4) fixed the problem.
Related
I have a mvc 4 intranet application.
All pages ask for credentials, when i provide these the application tries to redirect to a login.aspx page
Please assist, this web application needs to login automatically based on Active Directory.
Been battling with this for 3 days now
First thing, if you are using windows authentication the page should not redirect to login page. It shows error message.
In web.config file modification:
<authentication mode="Windows" />
Comment the following lines
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
In visual studio select project name and click F4 then enable the following.
Windows Authentication
Anonymous Authentication
Place authorization filter globally or controller level.
Run the application.
I'm new in asp.net world. I'm building asp.net mvc 4 web application. It has basic http authentication. At the beginning it ask user name and password. After authentication it start some view. During debug if successfully authenticated and continue debugging to some other view/controller. If I stop debugging or app crashes. For the next debug run it never prompt me for authentication. It takes to the view which comes after authentication. I suppose it caches my authentication from previous run. I try to find solution from net and found many suggestion such as :-
Restart iis
Remove cache files from c:\Windows\Microsoft.NET\Framework\v4.0.30319 and C:\Users\user\AppData\Local\Temp\Temporary ASP.NET Files
Modify web.config and rebuild, then lunch.
Remove browser cache.
Even restart pc doesn't help-
I tried all nothing is working. As I'm new I'm not sure is my web.config file has right configuration for HTTP basic authentication. Here it is:-
<system.web>
<compilation debug="true" targetFramework="4.5.1" />
<httpRuntime targetFramework="4.5.1" />
<identity impersonate="true" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" >
</forms>
</authentication>
</system.web>
My environment windows 7, iis 7.5, visual studio 2012. Please advise me how can force authentication every time or start as in initial state. Thanks in advance!
It's the browser cookie that is letting you in as it's still valid for your application. Clear your browser cookies or start an in-private session.
I have an ASP MVC 4 application which uses a 3rd party HTTP module for security. When using Windows authentication it will attempt to automatically log you in, if that fails, then it will redirect you to a custom login page.
This has been working fine for previous ASP Webforms and MVC 2-4 applications, but for this particular application it is failing to automatically log the user in.
The application's virtual directory has all of the authentication modes disabled (anonymous etc) except for Windows authentication which is enabled. I have also checked that the provider is Negotiate and NTLM.
The web.config is a pretty standard one that you get from the MVC template and I have tried various web.config changes to system.web and system.webServer (and changing app pool's pipeline mode) such as:
<system.web>
<authentication mode="Windows"/>
and also adding
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
But in each case the security module cannot get the user name. The module attempts to get the user name via HttpContext.Current.Request.ServerVariables["REMOTE_USER"], but I have also modified it to use HttpContext.Current.User.Identity.Name and in both cases it is blank.
Since this module has been working fine for years and still works for other applications on the same server, I believe it is an IIS or Web.config configuration issue. I have tried creating a new virtual directory and it has the same error.
Is there any additional configuration required or another reason why it is not working for this particular application?
The solution was to add the following to my the appSetting section in my web.config
<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>
</appSettings>
This is the first time that I have needed to add such a thing, so I am not sure why it is necessary, but it does work.
I used the standard VS 2012 MVC 4 Internet template in a .NET Framework 4 project. I was mainly using External Logins (Google, Microsoft, Facebook, Yahoo, Twitter) to access the parts of my application which are decorated with the [Authorize] attribute.
[One thing I noticed is that the default web.config created by VS does not contain any sections on membership or role providers, unlike those I see in an ASP.NET web form application.]
I deployed the project to an azurewebsites.net site. Things worked fine initially, but after some use, the app will throw an exception because it tried to use the server's machine config file to access SqlMembershipProvider using a connection string called LocalSqlServer.
Q1: How does SqlMembershipProvider relate to the SimpleMembership provider?
Anyway, I created an <membership> section in web.config and added <clear/>. This solved the that problem but created another problem, as now it tried to access SqlRoleProvider in machine.config using the connection string LocalSqlServer, again! I tried to add a <roleManager> section with a <clear/> to my web.config, but I was not as successful. It insists on a defaultProvider to be included. What should I put?
Q2. What is the assembly to use for the SimpleMembership role provider in .NET Framework 4.0 MVC 4 application?
I tried:
System.Web.Security.SqlRoleProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
but it created another problem, that it Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'. Before I run aspnet_regsql.exe I would like to ask:
Q3: Why does the standard app work fine for some time and then start looking for SqlMembershipProvider and SqlRoleProvider?
Is there someone playing around with the settings on the server?
Here is what your web.config settings should look like when using SimpleMembership.
<roleManager enabled="true" defaultProvider="SimpleRoleProvider">
<providers>
<clear/>
<add name="SimpleRoleProvider" type="WebMatrix.WebData.SimpleRoleProvider, WebMatrix.WebData"/>
</providers>
</roleManager>
<membership defaultProvider="SimpleMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData"/>
</providers>
</membership>
The assembly that contains the SimpleMembership role provider is WebMatrix.WebData.
SqlMembershipProvider is not related to SimpleMembership except that they are both membership providers. My guess is that if SimpleMembership is not configured correctly it is defaulting to a SqlMembershipProvider.
Somewhere in your application you need to initialize the database for SimpleMembership by calling WebSecurity.InitializeDatabaseConnection. The first parameter in this method indicates what connection string to use. If the application was created using the MVC4 Internet template this method is called in the filter InitializeSimpleMembershipAttribute which is decorated on the Account Controller. If you need to add a call to the InitializeDatabaseConnection method yourself I would just put it in the Gloaba.asax Application_Start method.
What is the best way to set up username and password authentication in a Silverlight-Enabled WCF web service?
The best way for me has been forms authenication...using ASP.NET application services.
Basically you expose 3 *.svc files in your WCF service that handle authenication, roles, and profiles. There is no code behind because it's built into the .net assemblies. You will have to do some configuration in the .config (see link) to enable them.
Details here: http://blogs.msdn.com/brada/archive/2008/05/03/accessing-the-asp-net-authentication-profile-and-role-service-in-silverlight.aspx
Side Note on ASPNETDB.MDF
Normally all the user accounts and profiles will be in ASPNETDB.MDF which is located on a local file in the APP_Data folder but I find this clumsy especially with permissions so I kept it in my primary WCF database but you can choose another if you have the connection string. To initialize it I ran "C:\Windows\Microsoft.NET\Framework\v2.0.50727\a
spnet_regsql -C *Data Source=localhost;Initial Catalog=MYDB;Persist Security Info=True;User ID=**;Password=****;" * -A all" to include the ASP.NET membership tables and sprocs into the db of my choice. If you do you this..ensure you override the default LocalSQLServer connectionstring or it won't find the db like this in web.config of your asp.net website
<connectionStrings>
<clear/>
<add name="LocalSQLServer" connectionString="Data Source=localhost;Initial Catalog=MYDB;Persist Security Info=True;User ID=**;Password=****;" providerName="System.Data.SqlClient" />
To actually add user accounts and roles
1) from Visual Studio
2) Click on your ASP.NET website
3) There should be a menu above called Website that shows up...select ASP.NET Configuration and your browser will start with the configuration website that will edit your config and update the configured database with accounts and roles
I hope this helps