I'm using ServiceStack with ClientHttp web request mode and when I try to check if the user is currently logged in (for sometime I'll need a bridge between asp.net authentication and SS one) I got false for IsAuthenticated...I've configured my service client this way
jsonServiceClient = new ServiceStack.ServiceClient.Web.JsonServiceClient(BaseAddressHelper.GetBasePathWithApiPath());
jsonServiceClient.ShareCookiesWithBrowser = true;
jsonServiceClient.UseBrowserHttpHandling = false;
jsonServiceClient.StoreCookies = true;
But when I'm on the Service I got false... if I use jsonServiceClient.UseBrowserHttpHandling = true; that part is ok but when I got an exception I don't get it deserialized correctly.. anyone of you got the same problem?
Thanks in advance
Related
I've implemented Microsoft Identity in a .NET 5 application. I want the user to always be prompted to log in to the app whenever a challenge occurs, hence the following code:
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(options =>
{
options.CallbackPath = ...
options.Events.OnRedirectToIdentityProvider = c =>
{
c.ProtocolMessage.Prompt = "login";
return Task.CompletedTask;
};
})
This works as expected. Is there a property (outside of the tenant-wide option) to also disable the KMSI prompt that still occurs? I went through each of the properties off of the root but it wasn't clear to me. Thank you.
Is there a way to configure the .NET client so that it will work with a IIS hosted SingalR that uses Windows authentication?
If I disable windows authentication it works, but this is not an option
setting connection.Credentials = CredentialCache.DefaultCredentials does not help.
The code
public EventProxy(IEventAggregator eventAggregator, string hubUrl)
{
typeFinder = new TypeFinder<TProxyEvent>();
subscriptionQueue = new List<EventSubscriptionQueueItem>();
this.eventAggregator = eventAggregator;
var connection = new HubConnection(hubUrl);
connection.Credentials = CredentialCache.DefaultCredentials;
proxy = connection.CreateHubProxy("EventAggregatorProxyHub");
connection.Start().ContinueWith(o =>
{
SendQueuedSubscriptions();
proxy.On<object>("onEvent", OnEvent);
});
}
ContinueWith triggerst directly after Start and when the first subscription comes in I get a
The Start method must be called before data can be sent.
If I put a watch on the DefaultCredentials I can see that Username, Domain and Password are all String.Empty. Its a standard Console program, Enviroment.Username returns my username
Sure, set connection.Credentials = CredentialCache.DefaultCredentials. More details about credentials here http://msdn.microsoft.com/en-us/library/system.net.credentialcache.defaultcredentials.aspx.
I am connecting to a java web service from my asp.net app ,but I am getting a 400 Bad request exception.
I have added a web reference in my project and using that to connect in the code as follows :
client is the web service reference object.
NetworkCredential credentials = new NetworkCredential("", "");
client.Credentials = credentials;
client.PreAuthenticate = true;
client.RequestEncoding = Encoding.UTF8;
object response = client.getmethod(req);
I also tried putting in
client.UnsafeAuthenticatedConnectionSharing = true;
client.AllowAutoRedirect = true;
but it still does not work and gives me the same error. The request is working if i try from Soap-UI from my machine.
To Add, I am getting a ClientProtocol error in SoapUI also if i don't select authentication type as "PreEmptive". Is there a way to set this in asp.net.
Any thoughts would be appreciated.
I worked on a sample application integrating OpenID into ASP.NET Web Forms. It works fine when hosted locally on my machine. However, when I uploaded the application to a live server, it started giving "Login Failed".
You can try a sample here: http://samples.bhaidar.net/openidsso
Any ideas?
Here is the source code that fails to process the OpenID response:
private void HandleOpenIdProviderResponse()
{
// Define a new instance of OpenIdRelyingParty class
using (var openid = new OpenIdRelyingParty())
{
// Get authentication response from OpenId Provider Create IAuthenticationResponse instance to be used
// to retreive the response from OP
var response = openid.GetResponse();
// No authentication request was sent
if (response == null) return;
switch (response.Status)
{
// If user was authenticated
case AuthenticationStatus.Authenticated:
// This is where you would look for any OpenID extension responses included
// in the authentication assertion.
var fetchResponse = response.GetExtension<FetchResponse>();
// Store the "Queried Fields"
Session["FetchResponse"] = fetchResponse;
// Use FormsAuthentication to tell ASP.NET that the user is now logged in,
// with the OpenID Claimed Identifier as their username.
FormsAuthentication.RedirectFromLoginPage(response.ClaimedIdentifier, false);
break;
// User has cancelled the OpenID Dance
case AuthenticationStatus.Canceled:
this.loginCanceledLabel.Visible = true;
break;
// Authentication failed
case AuthenticationStatus.Failed:
this.loginFailedLabel.Visible = true;
break;
}
}
As Andrew suggested, check the exception. In my case, my production server's time & date were off and it wouldn't authenticate because the ticket expired.
Turn on logging on your live server and inspect them for additional diagnostics. It's most likely a firewall or permissions problem on your server that prevents outbound HTTP requests.
You may also find it useful to look at the IAuthenticationResponse.Exception property when an authentication fails for clues.
I have written the following code for login:
Session["IsLogin"] = false;
System.Configuration.Configuration config = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~");
if (txtPassword.Text.Trim() == string.Empty)
{
// Display Error
}
else
{
string Pwd = config.AppSettings.Settings["PWD"].Value.ToString();
FormsAuthenticationTicket formAuthTk = FormsAuthentication.Decrypt(Pwd);
string strDcryptedPwd = formAuthTk.Name.Trim().ToString();
if (txtPassword.Text.Trim() == strDcryptedPwd)
{
Session["IsLogin"] = true;
Response.Redirect("AnyPage.aspx");
}
else
{
// Error, Wrong password
}
}
Which is running fine while running through Visual studio. But when I published it it is showing the below error:
System.Web.HttpException: Unable to validate data
NOTE:
I publish the application on the
same server on which I am developing
the site.
I have tried EnableViewStateMAC =
false on page level. [Login Page]
What is the reson of this error? Why it is only appears when I have published the site?
I have changed the way to encrypt the string and the problem disapperars. I have no idea about the reason of the error, but I resolved it like this.
Hope it will help to others, who are facing the same issue.
you do not need to declare the config in the way you did, just use Configuration.AppSettings["PWD"].ToString()...
see here:
How to: Read Application Settings from the Web.config File