I am using asp.net web application.I am sending user a link on email id.When user click on that link,web page get open.I am passing querystring to that page.
Like : htttp://localhost:7899/Test.aspx?Id=2
I don't want user to do changes in querystring (id) Id.How to do that?
Related
No very familiar with asp.net, but I have to modify an old asp.net web app. The app has a pretty standard asp login control screen with username, password and a login button with CommandName = "Login".
The modification would be - when the Windows login user is a domain user, I then set a specific username/password and automatically log in the user to the home page. I tried not to change the code too much because ValidateUser() has special logic in it.
I can get the domain user info using:
HttpContext.Current.Request.LogonUserIdentity.Name;
and set default user/pass using
this.Login1.UserName = "myuser";
(TextBox)this.Login1.FindControl("Password").Attributes.Add("value", "mypass");
But I don't know how to execute the click action of login button (asp ImageButton.)
Any help will be appreciated.
I'm trying to automate testing of an ASP.NET (not MVC) website that uses Forms authentication.
I want to simulate what happens when a user submits a particular form; to do this, my code can POST to the corresponding URL - but that won't work unless my code can first log in as my test user.
I've tried posting to the LogOn page (supplying a suitable username and password), but this fails - and I think it fails because the website uses ASP.NET event validation. (If I use Fiddler to watch what's sent to and from the browser, there's an __EVENTVALIDATION hidden form item).
I'm guessing that I'll need to visit the login page once, get the __EVENTVALIDATION value, and include that when I post the username and password to the LogOn page?
Is that all I need to do, or is spoofing a Forms-authentication-based website a non-starter?
Well, in case it helps anyone else, I was able to get this working by issuing a GET request to the LogOn page, extracting the values of the __EVENTVALIDATION, __VIEWSTATE and __VIEWSTATEENCRYPTED hidden form fields from the returned HTML, and then POSTing those values back to the LogOn page along with the rest of my form values (user name and password).
I'm using a single instance of HttpClient throughout, so the ASP.NET session cookie is preserved between requests.
I have an ASP.NET web forms application (not MVC) set up utilising routes which are defined in my Global.asax file like so;
routes.Add("Login", New Route("login", New CustomRouteHandler("~/authenticate.aspx")))
routes.Add("AdditionalInfo", New Route("additional-information", New CustomRouteHandler("~/secure/additionalInfo.aspx")))
At points throughout the application it is a requirement that the user be authenticated which would simply redirect them to the login screen.
The problem I have is how would I then redirect them back to the point where authentication was required? With bog standard url's i would do something like;
http://www.site.com/login.aspx?returnURL=someReturnURL
Is it even possible with routes in web forms?
Retrieve the QueryString Parameter on Page_Load Event & save it in
ViewState["returnURL"] = Request.QueryString["returnURL"];
Then, in button click event do the redirection on successfull authentication:
Response.Redirect(ViewState["returnURL"].ToString());
Usually when user clicks on log-in button, the URL doesn't change. So you still can read the data using 'Request.QueryString["returnURL"];'
I have code examples from some of my previous work that help me to post form values to a web page (login credentials) and retrieve the text from that page. Now I want to pass in form values (login credentials again) but actually open that web page in a browser given those credentials.
How do I do that? I'm not doing anything nefarious. In our CRM app (home-grown as it is), I want to create a link button that opens our web site's protected products page given the user's credentials (based on the user's login credentials). Normally, I'd copy the user's credentials in our login page which then takes me to the products page. I'm trying to do this now by just clicking a link button.
Any suggestions?
How are you launching the browser? Is this an internal network app? If so, I would recommend using Windows Authentication for your ASP.NET app, and then you don't have to worry about passing credentials. If you can't do that, then you'll probably have to pass the credentials on the querystring generated by your CRM app. Obviously, this is a huge security risk. But the next step would be to perform your internal authentication and then call FormsAuthencation.RedirectFromLoginPage or FormsAuthentication.SetAuthCookie().
I've created a web application in asp.net so far. where i've tried to get some data(site scraping) from secure page of a web site.I've used the HttpWebRequest class for this functionality but i haven't accessed the secure page yet. Every time the login pages was scraped not secure page.I have the site user id and password and don't know that which language site has been developed in.
Please advice what should i do ?
Look at the login form. You should be able to POST data to the target of that form, supplying the correct variables for username and password. You should then receive the initial logged in page back.