After extracting my database layers into different projects, each time I run my app, enter my credentials and press login, it will redirect me to Index.cshtml but I still get the "Login" and "Register" actions rendered at the top bar. After scaffolding and debugging Login.cshtml, I can see that the login is successful:
However, after redirecting to LoginPartial.cshtml, I can see that I am, in fact, not logged in:
Here is my project structure:
I am registering identity like so:
So I am guessing that the identity context that I see in Login.cshtml is somehow different from the one in LoginPartial.cshtml, but I am not sure. Has anybody any idea what might be going on here?
Ok I know now what was going on. I have not yet committed the changes where I extracted everything into it's own project and I compared the current solution with the one I had before the changes. I noticed that before I did the changes, the WebSite project was configured to use SSL. Somehow, that got disabled and the login failed for this reason. I don't know why there were no error messages, but in my case, I needed to check the "Use SSL" setting in the project settings of my WebSite project.
Now I am logged in and everything works as expected.
Related
error photo Hello. I making my first website.Visual studio.For authentication i use Identity tool. In localhost it work fine i can reach everything, but after publishing it to iis or smartasp.net i cant enter login and register pages.Other pages work good. When i click login it show http error 500 This page isnt working right now. Localhost cant currently handle this reÄ…uest.
Someone maybe had the same issue? It looks like i have to do something with identity because i can enter other pages.
Maybe before publish i have to change something?
First i make publish to iis. Login page got that error. I took maybe problem in iis. Than i used smartasp.net but the issue is same
I have very strange problem. I use ZfcUser as authentication module. I made a lot of projects on lot of different environments using ZF3 and ZfcUser module. I have nevere experienced such kind of problem which I will explain bellow. In my current project I cant login into system on production server. I succesfuly log from local env, or other test environments.
I try to investigate whats going on. I went to login page on production, entered my credentials and system redirects me to home page. No errors, no warnings... notihnig. But I was not logged in. I check the identity from the framework (identity()) - it was null. I thought that may be it is server issue with the php sessions. I checked the sessions on server. It appears that the problem was not there.
The framework succesfully stored the data it needs in sessions. I found the Zend_Auth key, the identity key and the value for logged user. It seems that with php sessions everything is OK.
I am powerless and cant even think about what is going on here and where is the problem. No errors are thrown. I trace the execution of code on local and production environment. Everything is same. The frameworks seems to work properly. But the IDENTITY is allways null
Found the problem.
So, the site was runing under a subdomain. Let say sub.domain.tld. This site is different from main domain which is domain.tld. In the programm code, the favicon of application was requested form the domain.tld not from the sub.domain.tld.
As a result when you hit the http://sub.domain.tld the browser stores two PHPSESSID cookies. One under sub.domain and another under domain.tld which couses Chrome to messed up
Interesting is that, Firefox and IE didnt messed with the sessions and the site was working porperly. I dont say that Crhome is guilty. Obviously the programm code was cousing the problem. But Chrome recognize that one domain is sub domain of the other
Thats why, when I was trying to run project on different environments as local setup or different domain e.g. test.different-domain.tld, ther were again two PHPSESSID cookies set, but in this time Chrome didnt messed up with the sessions becouse test.different-domain.tld is not recognized as subdomain of domain.tld
Very small and silly mistake, but cousing big problems
I've installed PiranhaCMS on an existing ASP.NET MVC5 application. Part from I had to install AutoMapper, the installation went through smouthly. I followed the Get Started instruction in the "Adding Piranha CMS to an existing application". I've tried using existing database, the incluede CE database, and event with a new database. It all comes down to the same problem, I get routed to "/manager/install" where I set up the admin user (which gets added to the sysuser table). After this I get routed to the "/manager" page where I get to sign in with the user i just created. When logging in, I get back to the same page. I assume, the user is not valid... but I get no exception or other information.
Any ideas?
try to remove this node in your web.config
system.webServer/modules
What worked for me was removing the system.webServer/modules like mentioned above and also changing
system.web/authentication mode="None"
to /authentication mode="Forms"
The authentication mechanism for the manager uses Forms authentication. Since you just get routed back to the login I'm guessing Forms auth isn't enabled so the cookie doesn't get set!
Removing system.webServer/modules will disable the way MVC application (such as in defulat template) manages loging in users. Having authentication mode to "Forms" is part of getting started tutorial.
It is quite possible (and is in my case) that replacting authentication is not desired behaviour.
The question is how to let those two authentification mechanisms live side by side. I know that we'll have to keep users separated. That is fine. But how to run run two authentications side by side?
I have a Lightswitch 3-tier web deployment and I'm stuck on the auth piece. I've played with IIS and tried every config I can think of, but after I publish to the web, it always shows the app pool identity as the user in the top/right side of the browser. The only way I can get the ID to "pass through" is to enable impersonation which I know isn't correct. Even with impersonation enabled, the Administration tab doesn't show with the ID I assigned as the administrator after the initial publish.
Have you seen this? I've tried this on multiple deployments, re-read the guides, re-read the LightSwitch book auth chapter, still to no avail.
Also, I find it curious that when I drop this code in a test.aspx it shows that my ID is indeed getting passed:
<%= User.Identity.Name %>
But when I put this in, it shows the app pool ID:
<%= Environment.UserName %>
It's like Lightswitch is reading the Environment.Username (which will always be the app pool) instead of the user being passed by IWA.
What do you think is going on here? I've relegated to NTLM at this point to make it "easy" (abandoning Kerberos for now) and it still doesn't work.
I have a great app that I'm ready to deploy, but I need to get security setup for it.
I figured it out. I had earlier tested the website by simply copying the release from my visual studio project folder to the web server. I decided to wipe the whole folder and publish "from scratch" and what do you know...it worked.
This is obviously my first experience with web development so just a noob mistake. I'm still curious what was in the config that was over-riding what I was telling IIS to do, but for now I'm off an running.
You can close this issue.
When using Visual Studio's built in web server, every time I make a page request the standard login box pops up and asks for credentials. It doesn't work if I actually put in my credentials, so I just have to hit cancel 5 times so it will go away.
When I run the application through IIS (locally or on test server) it works just fine (no login box comes up).
Anyone know how to fix this or have any idea what might be causing it?
I assume you mean JavaScript alert box-looking login dialog, right? This dialog pops up when you make a request to a portion of website where anonymous access is disabled from IIS. It is different from ASP.NET authentication.
Do you have some portion of web site protected? Or are you making any HTTP request to external sites, like images and etc?
If your page looks ok after hitting cancel multiple times, it must be one of those HTTP request to protected file like images, css, js or whatever.
I'd look in Fiddler or Firebug to see if any request is failed when you hit cancel in that login dialog.
I'd also try clearing cache/authenticated session on the page that runs on IIS to see if it actually shows you that login dialog.
I had this same issue. However, my solution was different and the issue seemed different as well.
I had been working on a ASP.NET 2.0 web application, using VS 2008. Everything was working fine with the built-in IIS server. I hadn't opened this project for about a week and then when I chose "View in browser" in VS, I was prompted for my windows login creds. This project never did this before, so I was a bit baffled. I checked all the web.config settings and everything seemed fine. My project settings seemed correct as well. I decided to test the project by opening this same project in VS on a separate dev box on my network using a network path. I again chose "View in browser" and it worked fine. No logon prompt.
This told me that the issue wasn't with the actual web project itself, rather my dev environment. I checked all my browser settings as suggested above, and they were correct. I then compared my project settings while I had the same project (same physical files) opened in both dev boxes. I noticed a difference...
Under the Start Option in the Property Pages, the Web Server was set to use the Default Web server in both cases. However, on the box that was asking for my creds, the NTLM Authentication checkbox was selected. I unselected this and it resolved the issue.
I'm not sure how this was possible since I was opening the same project files, and would assume the project settings would be exactly the same. And the fact it was working fine a week ago really perplexed me. I chalked it up to an issue with VS 2008 on the box with the issue. I hope this helps anyone else that may be running into this issue.
This was because localhost was not in my trusted sites so it wouldn't do automatic NTLM authentication... I'm not sure why it was that way, but it was... adding localhost to the list fixed it.
In your project, there should be a vwd.webinfo file.
The following lines control authentication when debugging (in IISExpress). Set as follows to avoid all dialogs.
<VisualWebDeveloper>
<iisExpressSettings anonymousAuthentication="enabled" windowsAuthentication="disabled" useClassicPipelineMode="false"/>
</VisualWebDeveloper>
If windowsAuthentication="enabled" you may still get a dialog, even if anonymousAuthentication="enabled" :-)