While using Windows Organizational authentication in the ASP.net MVC project, I am unable to access the /Manager portion of PirahnaCMS. Whenever I attempt to login, it just redirects back to the login page. Is there a solution to this problem, or a workaround?
Someone asked this question, but no one posted a solution: How to get to Dashboard
Best Regards,
Saad
The Piranha CMS manager uses forms authentication. If you've configured another form of authentication in your main web.config the manager login won't work. In the upcoming version (2.3.0) the authentication mechanism will be replaceable, but in the current version the manager needs forms authentication.
You have two possible solutions:
1) Try configure the manager area to use Forms authentication by adding a separate web.config to this area.
2) Set the "front-application" to run in passive mode, i.e. disable the manager. Add a different web without the front-end and just the manager pointing to the same database.
Regards
HÃ¥kan
Related
I have 3 symfony projects each one has it's own login page.
I want to make another symofony project that will work as the authentication gate, where a user can login to the other projects from it.
How can I achieve this ?
You have to install a SSO (like CAS for example) on a server.
And then use this SSO on your project : https://github.com/PRayno/CasAuthBundle (if you use CAS)
I've installed PiranhaCMS on an existing ASP.NET MVC5 application. Part from I had to install AutoMapper, the installation went through smouthly. I followed the Get Started instruction in the "Adding Piranha CMS to an existing application". I've tried using existing database, the incluede CE database, and event with a new database. It all comes down to the same problem, I get routed to "/manager/install" where I set up the admin user (which gets added to the sysuser table). After this I get routed to the "/manager" page where I get to sign in with the user i just created. When logging in, I get back to the same page. I assume, the user is not valid... but I get no exception or other information.
Any ideas?
try to remove this node in your web.config
system.webServer/modules
What worked for me was removing the system.webServer/modules like mentioned above and also changing
system.web/authentication mode="None"
to /authentication mode="Forms"
The authentication mechanism for the manager uses Forms authentication. Since you just get routed back to the login I'm guessing Forms auth isn't enabled so the cookie doesn't get set!
Removing system.webServer/modules will disable the way MVC application (such as in defulat template) manages loging in users. Having authentication mode to "Forms" is part of getting started tutorial.
It is quite possible (and is in my case) that replacting authentication is not desired behaviour.
The question is how to let those two authentification mechanisms live side by side. I know that we'll have to keep users separated. That is fine. But how to run run two authentications side by side?
I would like to apply a basic 2nd level of security by adding some form of web folder password protection, so that we only allow users with the global username and password to be able to access the logon page, where we are using forms based authentication.
I am not sure whether this is done from the IIS Manager (Windows 7) or by editing a web.config file ?
If you google for "Forms Authentication IIS", first item returned is this:
http://msdn.microsoft.com/en-us/library/ff647070.aspx
This does a good cover of the issue.
If you need to apply that to a particular folder, use location and authorization in web.config as below:
http://msdn.microsoft.com/en-us/library/b6x6shw7(v=vs.100).aspx
I have been in the same situation. Given that you can't enable forms authentication and basic/windows authentication at the same time in IIS we ended up using Helicon Ape and .htaccess files for the digest based authentication and configured the web app itself to use forms authentication. It works well so far. We needed this because of client requirements. I wouldn't really recommend this in practice. It's fairly annoying for users having to log in twice.
I have a site where the vast majority of the content will be secured using Forms Authentication. However there is one sub folder that will be used internally by the administrative staff. I would like to secure this folder using Windows Authentication. Is that possible? Would I have to make the admin folder a virtual directory?
CLARIFICATION: There is no need for the administrative staff to access the main site. They are really two separate sites/apps. Regular users will access the main application via Forms Authentication (and never access the admin folder). And admin users will access the admin application via Windows Authentication (and never access the main site).
Thanks,
Corey
Yes, it's possible but you have to build a custom membership provider or an interface to allow for it. It is not possible to specify individual authentication methods on sub-folders unless they are in completely separate projects/application domains.
One method to accomplish this would be to use an LDAP membership provider and change the ldap connection based on the username (if there is a discernible method of doing this).
One other method would be to provide a separate website that uses the Windows authentication to perform the login and then constructs a custom cookie for the user and transfers them back to the original website identifying the individual as a member of the administrative staff.
Then the folder could be secured using the <location> elements in the web.config.
If I was going to build a site with Mixed authentication, I would setup the site to use webforms. I would then setup a virtual application inside of this application that consisted of the same forms auth web.config information but set to use Windows Auth.
On the login page of the windows auth site after you validate their credentials I would then manually call FormsAuthentication to create the auth token. At this point you can then redirect the user to the Forms Auth site and they should be logged in (as long as all the forms auth cookie information is the same for both sites, this might also include needing to setup the same machine keys for both applications).
I haven't done this specifically but this should definitely be a viable (and probably one of the most optimal) solutions.
It may be as simple as right-clicking on the admin folder in Windows Explorer and setting the rights in the Security tab.
Put the administration site in its own application - by right clicking on the folder in IIS manager and and choose convert to application.
Once that's done you can adjust the authentication method on the application by highlighting the application folder in IIS manager and then choosing authentication and adjusting them (or you can do it the hard way via web.config if you can't remote into the machine).
I am trying to figure out how to implement an ASP.NET page with Windows Authentication without getting that annoying IIS login box.
I currently have 3 domains in my network so all the people logging in would have to prefix their user names with the domain. This is not user friendly. I would like to have a custom login page that would have a domain combo box.
Most examples I found implement this using Form security, however I need Windows Authentication since I want to connect to the SQL server using Integrated Authentication rather than a hard coded user name and password.
Does anyone know of a good article or sample code that shows how to implement this?
The following links to an article that explains how to authenticate a windows user using forms authentication, it uses a call to the native win32 api function LogonUser to acheive this. This way you can design your own custom login page with a drop down list to select a domain. Take a look, perhaps it will help.
Windows Authentication using Form Authentication
To get this setup so you don't have the authentication prompt, you are going to need to have the domains trust the accounts from one another. This article should get you pointed in the right direction:
http://technet.microsoft.com/en-us/library/cc787646%28WS.10%29.aspx