I am in a system which developed by Java EE, the link is inside a jsp page, like in this jsp page i have Visit W3Schools, need to log in to this aspx page in different domain without entering username and password. What should put in the target attribute?
In a different domain, pass username and password as query string and fetch this in the aspx page. In the page_load of aspx page, check the username and password with database and allow user accordingly.
Related
I am using asp.net web application.I am sending user a link on email id.When user click on that link,web page get open.I am passing querystring to that page.
Like : htttp://localhost:7899/Test.aspx?Id=2
I don't want user to do changes in querystring (id) Id.How to do that?
No very familiar with asp.net, but I have to modify an old asp.net web app. The app has a pretty standard asp login control screen with username, password and a login button with CommandName = "Login".
The modification would be - when the Windows login user is a domain user, I then set a specific username/password and automatically log in the user to the home page. I tried not to change the code too much because ValidateUser() has special logic in it.
I can get the domain user info using:
HttpContext.Current.Request.LogonUserIdentity.Name;
and set default user/pass using
this.Login1.UserName = "myuser";
(TextBox)this.Login1.FindControl("Password").Attributes.Add("value", "mypass");
But I don't know how to execute the click action of login button (asp ImageButton.)
Any help will be appreciated.
I am making a project. In that project first page is Login page.
In Login page, user'll enter user Id and Password, if match, page will redirect to second page.
In second page there is a hyperlink to go to third page.
In third page I want to show user's all the details like- firstName, lastName, emailId, mobileNumber, password etc.
My doubt is how to carry userId and Password from first page to third Page.
Please Help me.
Thanks in advance.
Save the user name and ID not the password, you don't need to save the password because it's not a good for security.
Go through this, it'll help you.
http://msdn.microsoft.com/en-us/library/system.security.principal.windowsprincipal(v=vs.110).aspx
You can use the WindowsPrincipal class to save the user credential it's save the user name and ID not the password, you don't need to save the password because it's not a good for security.
http://msdn.microsoft.com/en-us/library/system.security.principal.windowsprincipal(v=vs.110).aspx
Use cookies or session , will help you for both authentication and for what u mentioned here
http://www.w3schools.com/ASp/asp_cookies.asp
http://www.codeproject.com/Articles/32545/Exploring-Session-in-ASP-Net
You can store userId in Session or cookie on login success and get it on required page.
Do not store password in session or cookie as it may harmful from security point of view.
I suggest you to refer asp.net state management.
http://www.codeproject.com/Articles/492397/State-Management-in-ASP-NET-Introduction
http://www.codeproject.com/Articles/331962/A-Beginner-s-Tutorial-on-ASP-NET-State-Management
The way you are redirecting to Second Page from Login Page, just redirect directly from Login to Third Page.
Also, while checking login details, if user is an authenticated one, keep User ID in Session, so that you can easily retrieve logged in user's all details using that User ID.
In your login page check username and password is valid or not
if valid then create a session of userid for e.g Session["userid"]=userid
now in your third page you can get users firstname,lastname etc from userid
E.g:
int userid =Convert.ToInt(Session["userid"]);
var userDetails = GetUserInfomationfromid (userid) // here you can get user infomation from userid
if you want to read more about StateManagement in ASP.net
http://www.codeproject.com/Articles/492397/State-Management-in-ASP-NET-Introduction
i am using firefox 3.63 with asp.net mvc2 in vs 2010.the thing is that in my application's userlogin form the username and password by which i login. i had the browser's remeberme save my username and password.
but the thing is that the same username and password is coming at the time of creating user(different form) with username and password field auto populated(it had to be blank but it is not). i checked in firebug it had the value="". how can i solve this issue?
You can design the HTML so that the fields in the form for creating a user are not automatically populated.
You probably want these fields to be connected to the fields for logging in, since this will let your users' browsers automatically fill in the user name after creating a user, for example. (This is what in your case is copying data from the form for logging in to the form for creating a user.)
I am trying to manually implement a login system in ASP.NET 3.5. Basically, on load, I would like the site to check and see if user object is active, if not, than I want the login page to appear.
After user has logged in successfully, I would like the user to be able to access the same page he has requested originally.
for example:
user request to: MyPage.aspx - not logged in
login page appears instead of MyPage.aspx
user logs in successfully
MyPage.aspx appears instead of Default.aspx for example
Peering at the System.Net namespace, I see that there is an "HttpWebRequest Class" which has a "HttpWebRequest.AllowAutoRedirect Property" but am unsure how that would get me back from the login page.
NOTE: I know there are automatic authentication systems setup in ASP.NET, but I would like to have manual control over the database.
-- Tomek
What you could do, if you don't want to actually use the built in Forms Authentcation is:
Check if the user is authenticated on each page you want to hide from anonymous users. If they are not authenticated, redirect them to your login page with the URL in the query string.
if(!HttpContext.Current.User.Identity.IsAuthenticated) {
Response.Redirect(~/login.aspx?redirect=this_page.aspx");
}
Then on your login page, after a user logs in. Check the query string to see if there is a redirect parameter.
if(!String.IsNullorEmpty(Request.QueryString["redirect"]) {
string url = ResolveClientURL(redirect);
Response.Redirect(url);
}
Of course this is all built into .NET using Authentication, where you can deny anonymous access to certain directories, and when you do that, .NET will redirect to your login page (which is set in the web.config) and will include a "ReturnURL=blahblah" on your login page.
Just an FYI.
Just save the originally requested url in Session or a hidden field on the login page
After successful login, use Server.Transfer or Response.Redirect to jump to that page.
It looks like another method is described here. It seems that you can use the following object to return from the login page:
FormsAuthentication.RedirectFromLoginPage
Yet, according to the article, the better method is to use what JackM described, but with an overload:
Response.Redirect("~/default.aspx", false);
In doing so, you prevent the Session from ending when the page is redirected.