Unable to login to PiranhaCMS after setup - asp.net

I've installed PiranhaCMS on an existing ASP.NET MVC5 application. Part from I had to install AutoMapper, the installation went through smouthly. I followed the Get Started instruction in the "Adding Piranha CMS to an existing application". I've tried using existing database, the incluede CE database, and event with a new database. It all comes down to the same problem, I get routed to "/manager/install" where I set up the admin user (which gets added to the sysuser table). After this I get routed to the "/manager" page where I get to sign in with the user i just created. When logging in, I get back to the same page. I assume, the user is not valid... but I get no exception or other information.
Any ideas?

try to remove this node in your web.config
system.webServer/modules

What worked for me was removing the system.webServer/modules like mentioned above and also changing
system.web/authentication mode="None"
to /authentication mode="Forms"

The authentication mechanism for the manager uses Forms authentication. Since you just get routed back to the login I'm guessing Forms auth isn't enabled so the cookie doesn't get set!

Removing system.webServer/modules will disable the way MVC application (such as in defulat template) manages loging in users. Having authentication mode to "Forms" is part of getting started tutorial.
It is quite possible (and is in my case) that replacting authentication is not desired behaviour.
The question is how to let those two authentification mechanisms live side by side. I know that we'll have to keep users separated. That is fine. But how to run run two authentications side by side?

Related

.Net Core Identity not logging in

After extracting my database layers into different projects, each time I run my app, enter my credentials and press login, it will redirect me to Index.cshtml but I still get the "Login" and "Register" actions rendered at the top bar. After scaffolding and debugging Login.cshtml, I can see that the login is successful:
However, after redirecting to LoginPartial.cshtml, I can see that I am, in fact, not logged in:
Here is my project structure:
I am registering identity like so:
So I am guessing that the identity context that I see in Login.cshtml is somehow different from the one in LoginPartial.cshtml, but I am not sure. Has anybody any idea what might be going on here?
Ok I know now what was going on. I have not yet committed the changes where I extracted everything into it's own project and I compared the current solution with the one I had before the changes. I noticed that before I did the changes, the WebSite project was configured to use SSL. Somehow, that got disabled and the login failed for this reason. I don't know why there were no error messages, but in my case, I needed to check the "Use SSL" setting in the project settings of my WebSite project.
Now I am logged in and everything works as expected.

How to remove ASP.NET MVC OKTA Forms Authentication for local test

I am working on a client solution that requires new features and functionality to be added to a cloud web application with OKTA Authentication. I've been able to create the new models, views, and controllers as per requirement, with no errors when I build the solution. When I run the application to test locally, the views load in the browser but no data and functionality, and a redirect on the URL, either running in the preconfigured DEV, STG, or PRD Azure environments.
< http://localhost:1080/AuthServices/SignIn?ReturnUrl=%2f >
It's not finding the authentication form, it has no user information, and the site is not loading properly. I've tried different thing, including removing the authentication all together, and setting authentication to non / in the web.config. The only thing I've not done yet is testing on the publishing side. Everything with OKTA is setup correctly as it's working fine with the last deployed version of the solution, . Non non of those configurations were changed.
How can work around or disable this entirely so that I can test the application locally?
Thanks in advance!!
Assumption: You are not testing a section of the application that deals with user-specific information, for instance, a user profile page.
To temporarily disable Okta authentication:
In Startup.cs, comment out this line:
[assembly: OwinStartup(typeof(Gilson.GRMS.Startup))]
Add this line to the appSettings section of Web.config:
<add key="owin:AutomaticAppStartup" value="false"/>
Comment out the [Authorize] attribute on each controller action referenced by the section of the application you are trying to test.
Unfortunately, #3 above means that if you want to disable Okta authentication for the entire site, you might have to comment out a lot of [Authorize] lines.

PirahnaCMS Manager using Organizational Authentication in project

While using Windows Organizational authentication in the ASP.net MVC project, I am unable to access the /Manager portion of PirahnaCMS. Whenever I attempt to login, it just redirects back to the login page. Is there a solution to this problem, or a workaround?
Someone asked this question, but no one posted a solution: How to get to Dashboard
Best Regards,
Saad
The Piranha CMS manager uses forms authentication. If you've configured another form of authentication in your main web.config the manager login won't work. In the upcoming version (2.3.0) the authentication mechanism will be replaceable, but in the current version the manager needs forms authentication.
You have two possible solutions:
1) Try configure the manager area to use Forms authentication by adding a separate web.config to this area.
2) Set the "front-application" to run in passive mode, i.e. disable the manager. Add a different web without the front-end and just the manager pointing to the same database.
Regards
Håkan

How can I use an ASP.NET MembershipProvider to carry over users' session data stored in cookies set by ColdFusion?

I'm working on adding a new webapp to an existing website. I've been directed to write the webapp in ASP.NET. The existing website is written in ColdFusion. For the most part, the ASP.NET webapp is completely stand-alone, but it needs to interact with the ColdFusion code in one important way - if somebody logs in to the ColdFusion site, we don't want them to have to log in again when visiting an ASP.NET page.
When someone logs in to the ColdFusion site, their username is stored in a cookie, along with a login token that can be looked up in our database. My .NET is a little rusty, so I'm having trouble visualizing how the ASP.NET code should use this data. I've already written a simple MembershipProvider that can be used to log in/out out the ASP.NET app using the data in our existing database tables, which are shared with the ColdFusion code.
What I'd like to know is - how can I make sure the ASP.NET app detects the cookies set by the ColdFusion app (I imagine they'd be sent to the ASP.NET pages, since everything is hosted on one domain), and automatically logs the user in using the MembershipProvider and Forms Authentication, using the credentials supplied in the cookie? I'm thinking that putting some kind of cookie check and log in function in the Global.asax file, set to run every page load for every page... but that seems kind of clunky. Also, do people still use the Global.asax file anyway? I had thought there was a more modern method.... Also, how can I manually log someone in using Forms Authentication and a custom membership provider? Currently my code allows the user to log in using the provided login control, but I'm not sure how to log the user in without them having to do anything.
Thanks in advance for any help. Looking over the MembershipProvider tutorials and the MSDN documentation it seems to me like the answer should be staring me in the face, but for some reason I just can't see it. Maybe not enough coffee....
Not sure if this is what you're looking for:
FormsAuthentication.SetAuthCookie("the username goes here",false);
Reference
I'm a CF developer ususally, but we had to do some integration with a .NET application recently and the way we approached it was to keep the CF and .NET sessions separate but ensure that login happened on both so when the user moved from one to the other they were still logged in.
So is there perhaps a way for you to hit your ASP.NET application with a request to login a user when you login using the CF application? Perhaps you could have an iframe on the page that you can load when the CF login is complete that holds a login service for the .NET app?
This way you would not need to worry about one app server reading the other app server's cookies, instead there would be two sets of cookies, one for ASP and one for CF.
Hope that helps!
The way I would approach it, is I would have a specific page that acts as a liaison between the CF and .NET layer. That page would implement your business layer and just check to see if the Cookie is there, if so read it in, do the lookup and login the user or whatever business logic that needs to be done. How would you accomplish the login/authentication, well that’s all based on your login/authentication code.
The only link I can offer is the basic of cookies in ASP.net
http://msdn.microsoft.com/en-us/library/aa289495(v=vs.71).aspx
Edit: found another link that might be helpful.
http://www.aspnettutorials.com/tutorials/network/cookies-csharp.aspx

get user Active Directory details

I am building a simple intranet site and I want to get the user's Active Directory.
What steps do I need to take on the IIS side for this to work?
Are any changes required to my web config?
I would appreciate a detailed explanation, as this is giving me a hard time.
I have tryed things like this
Request.LogonUserIdentity.Name.ToString
also
HttpContext.Current.User.Identity.Name
the users will not login the page should be able to get the credentials without them typing their username and password
windows authentication in my web config throws an error and causes my page not to work
This might be a good starting point for you:
Recipe: Enabling Windows Authentication within an Intranet ASP.NET Web application
or this:
Active Directory Services: PrincipalContext — What is the DN of a “container” object
As #Joel Ehterton said, more details of exactly what you're trying to do would be helpful.

Resources