I want to sign in to a SharePoint portal through calling a web page. Forms based authentication is enabled on SharePoint.
The scenario is as follows:
Calling /_forms/default.aspx?username=userX. which is the default page for forms authentication in sharepoint.
The page create and set authentication ticket for userX without asking his password.
The page redirected to some default page.
I have tried to manipulated /_forms/default.aspx to create ticket using FederatedAuthentication.SessionAuthenticationModule.AuthenticateSessionSecurityToken,
but no result.
I'd greatly appreciated if some one helps me.
Related
hi i would like to know how would you lougout an user if he modifies the url or refreshes the web pages like in bank web sites
in asp .net.
Thanks for your answers
I have implemented a solution similar to Vignesh Kumar's answer by using roles and restricting access to pages based on the roles a user has. When a user logs in I check which pages they can access based on their assigned roles and build the navigation menu accordingly so that they're not able to navigate to restricted pages.
In my master page's Page_Load method I check whether a user has access to the page they're trying to access and if not I log them out and redirect them to the login screen.
i have developed a web site using asp.net. In the web site if user enters username and password he will proceed to the next pages say home.aspx, dailyreport.aspx which is correct.
But the problem i'm facing is if the user enters url of the any page say domainname/projectname/dailyreport, then he will be in the desired page. then what is the use of having login page... how to deal with this issue....can anybody please help me. please as soosn as possible....
At a minimum, you need to enable Forms Authentication. This will ensure that any unauthorised users are redirected to a login page, from where they can access the site.
For more information about Forms Authentication, try this;
Explained: Forms Authentication in ASP.NET 2.0
Hi does someone have a link or can offer some guidance on HOW the facebook C# SDK could be used to provide access credentials to facebook along side ASP.Net membership?
Basically what i would like to do is have some kind of connect button on my profile view that when clicked opens the facebook app authorization window, if the user signs in and agrees the facebook auth cookie is returned or accessible so i can store in locally in my DB.
I originally tried to figure out how to do this using dotnetopenauth about 9 months ago and eventually gave up. ANY help is appreciated. thanks!
I haven't done it, but it shouldn't be too hard I think.
I'm assuming you already know how to "authenticate" users with Facebook using the C# SDK. At that very point where you consider them "authenticated" hook into it and perhaps use FormsAuthentication.SetAuthCookie() to manually authenticate the user from the default ASP.NET membership's perspective.
Can anyone tell me, if it is possible to use both basic and forms authentication on my site without the 2 interfering with each other?
I have a new site that I want only certain people to see for approval purposes.
The site has a members area that uses Forms authentication and now when anyone enters the site after passing basic authentication they are being directed to the forms authentication page, even though they should be viewing a page that isn't protected by forms authentication.
I need a situation whereby anyone who clears basic authentication can then view the whole site excluding the members area of the site where they will need to log in via forms authentication.
It sounds like you just haven't configured forms authentication for just the particular members area, but have it configured for everything.
Look at the authorization element and the location element (if you want to control the settings in the main Web.config, instead of creating a Web.config for the member's area).
See also ASP.NET Forms Authentication and a "No Authentication" subfolder (except you want the reverse).
One option is to write your own basic authentication filter attribute and protect the action that just require basic authentication with the custom attribute . The controller action which requires forms authentication should be protected with the normal [Authorize] attribute. Please refer the following example :-
http://www.ryadel.com/en/http-basic-authentication-asp-net-mvc-using-custom-actionfilter/
I had a similar issue in the past but was more along the lines of providing basic authentication for REST calls and form authentication when someone access the mvc site. We ended up creating our own authentication filter
I’ve used the asp.net login control on my sharepoint custom master page. All works well and I can login to my site without problems.
However I’d like to run some code once the user has logged, or alternatively perform a redirect based on the user’s role.
Has anyone does this type of thing before?
The Login control (System.Web.UI.WebControls.Login) has an event LoggedIn (http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.loggedin.aspx). Just subscribe to it and place your code in the handler. I haven't worked with sharepoint, I'm talking from an ASP.NET viewpoint here.
You can test roles programmatically through User.IsInRole
EDIT: on redirect from the ASP.NET login control, check for the forms authenication token and run your custom code if the token is present.