I am trying to use facebook authentication on my asp.net application.
I am using Facebook JavaScript SDK calls for this purpose.
In my case, I call the facebook javascript SDK from my normal Default.aspx page, then it authenticates, then sends the uid and access token to a data handler I created. In the datahandler I am creating the session. Then I redirect to the parent page from the data handler.
All this works fine when I am using a normal ASPX page (not any usercontrol). But when I use the same logic inside any user control and call the user control from the default.aspx page (in this case the facebook authentication and facebook login button is inside my user control), after authentication and calling data handler, when I redirect to my default.aspx from my datahandler, this cycle goes on infinitely.
My page keeps on authenticating and keeps on calling the datahandler when then again calls the default.aspx
Please suggest any good approach where I can authenticate the user and come back to my default.aspc when it has the user control.
I created my facebook authentication logic (used only the javascript and datahandler logic) by following this tutorial:
http://csharpsdk.org/docs/web/getting-started
I can attach the code also if requested.
Related
I have googled around but unfortunately I didnt find what I am looking for. For a small application I am working on, I am using a Webview. In this webview I would like to load a page where I would like to do the login - which is done using a http post request of type
--> "Content-Type", "multipart/form-data;boundary="+boundary; <--
Using a HttpURLConnection I can use a DataOutputStream passing the login data to the server. But how would I do such a login with on a WebView's WebEngine??
Best Regards
Load the page in the WebEngine and have the user enter their login credentials and submit them just like they would in a standard browser. The WebEngine will do the multi-part form data post the server to appropriately log the user in.
If you need to automate this process on behalf of the user (i.e. because you have authentication credentials stored elsewhere for a kind of single sign on app), then, once the engine has fully loaded the login page, you can make webEngine.executeScript calls to populate the form login fields on the page and trigger the submission of the login information to the server (probably by triggering a click event on the login form submission button).
You can also use this routine to execute jQuery on the document to do the form filling and trigger the submission if you prefer to work with that API.
I am developing a site and in this site i m building a functionality to capture a screen shot of a page. In my site i am using forms authentication.now first of all.
So when user login to the website he/she has to enter the credentials and then go to their profile page.
So now i am just creating a thumbnail of the user profile page using WebBrowser Control but the problem is , i m using forms authentication and it's always capture the login forms page because of forms authentication.
So Please help me ASAP.
In that case you will need to perform login programtically for forms authentication. Here is the piece of code which will be required.
FormsAuthentication.SetAuthCookie(UserName, false);
And here is more info
http://weblogs.asp.net/joseguay/archive/2009/03/23/the-asp-net-capsule-2-login-programmatically-with-forms-authentication.aspx.
However, be aware that the code you are using for creation of screenshot might not go well with it. So take care of this. These posts might help you in that case Send credentials to WebBrowser
You have to simulate forms authentication via WebBrowser control - essentially, use document object model (Document property) to locate user name/password input boxes, set their values and trigger submit (either inject java-script to do form submit OR use DOM to simulate login button click).
IMO, better way would be to use WebRequest (HttpWebRequest) to simulate the POST to login page to do authentication and then issue request to user profile page. Get the page html(from response) and load it in Web Browser control using DocumentText property.
In case, you have control over the server site, you may modify user profile page to allow un-authenticated access over certain requests (for example, from local machine or specified IP etc).
I've just finished implementing a modal dialog login popup for my ASP.NET website. The experience is similar to what you get with DIGG.com. When you log in, you get a fancy popup modal dialog (provided by the JQuery Tools Overlay control). The dialog is an ASCX file in the Master Page, so it's available globally. It uses a PageMethod to validate the current user. If the validation succeeds, I call window.location.reload(); in the PageMethod's success callback.
This works great when logging in on a page that doesn't require authentication, but what about when non-auth users are trying to navigate to a page that requires auth?
Is it possible to modify my web.config file so that instead of redirecting to a SignIn.aspx page for non-authenticated users I simply invoke the modal dialog instead?
Let's say a non-authenticated user is on Default.aspx which doesn't require auth. He wants to navigate to "Add.aspx" which does require auth. What's the best way to handle this with a modal dialog popup?
If I have to use a dedicated page, I guess I'll just have a SignIn.aspx page that invokes the dialog when it loads and if authentication succeeds, it'll use JavaScript to redirect to the destination page.
But ideally, I'd like to do the login from the Default.page and then redirect to "Add.aspx" with script.
Since I didn't get any feedback and went ahead and "solved" this issue conventionally. I still have a dedicated Login.aspx page but it's only used in cases where users navigate directly to a page requiring authentication.
In this case, I let ASP.NET redirect to the Login.aspx, and then using client script I invoke the popup dialog. I do the normal authentication using a WebMethod and then redirect as needed. If the user cancels the dialog, I just redirect back to Default.aspx.
Seems like there's no getting around the need for a dedicated Login page.
I have code examples from some of my previous work that help me to post form values to a web page (login credentials) and retrieve the text from that page. Now I want to pass in form values (login credentials again) but actually open that web page in a browser given those credentials.
How do I do that? I'm not doing anything nefarious. In our CRM app (home-grown as it is), I want to create a link button that opens our web site's protected products page given the user's credentials (based on the user's login credentials). Normally, I'd copy the user's credentials in our login page which then takes me to the products page. I'm trying to do this now by just clicking a link button.
Any suggestions?
How are you launching the browser? Is this an internal network app? If so, I would recommend using Windows Authentication for your ASP.NET app, and then you don't have to worry about passing credentials. If you can't do that, then you'll probably have to pass the credentials on the querystring generated by your CRM app. Obviously, this is a huge security risk. But the next step would be to perform your internal authentication and then call FormsAuthencation.RedirectFromLoginPage or FormsAuthentication.SetAuthCookie().
I am trying to manually implement a login system in ASP.NET 3.5. Basically, on load, I would like the site to check and see if user object is active, if not, than I want the login page to appear.
After user has logged in successfully, I would like the user to be able to access the same page he has requested originally.
for example:
user request to: MyPage.aspx - not logged in
login page appears instead of MyPage.aspx
user logs in successfully
MyPage.aspx appears instead of Default.aspx for example
Peering at the System.Net namespace, I see that there is an "HttpWebRequest Class" which has a "HttpWebRequest.AllowAutoRedirect Property" but am unsure how that would get me back from the login page.
NOTE: I know there are automatic authentication systems setup in ASP.NET, but I would like to have manual control over the database.
-- Tomek
What you could do, if you don't want to actually use the built in Forms Authentcation is:
Check if the user is authenticated on each page you want to hide from anonymous users. If they are not authenticated, redirect them to your login page with the URL in the query string.
if(!HttpContext.Current.User.Identity.IsAuthenticated) {
Response.Redirect(~/login.aspx?redirect=this_page.aspx");
}
Then on your login page, after a user logs in. Check the query string to see if there is a redirect parameter.
if(!String.IsNullorEmpty(Request.QueryString["redirect"]) {
string url = ResolveClientURL(redirect);
Response.Redirect(url);
}
Of course this is all built into .NET using Authentication, where you can deny anonymous access to certain directories, and when you do that, .NET will redirect to your login page (which is set in the web.config) and will include a "ReturnURL=blahblah" on your login page.
Just an FYI.
Just save the originally requested url in Session or a hidden field on the login page
After successful login, use Server.Transfer or Response.Redirect to jump to that page.
It looks like another method is described here. It seems that you can use the following object to return from the login page:
FormsAuthentication.RedirectFromLoginPage
Yet, according to the article, the better method is to use what JackM described, but with an overload:
Response.Redirect("~/default.aspx", false);
In doing so, you prevent the Session from ending when the page is redirected.