Hi have form authenticaion for my site, and it works fine on localhost and godaddy, but after moving to another hosting it stop working.
After login in admin area after 2-3 minutes I redirecting back to login screen.
Does anybody know if I change some settings on IIS or what is the source of the problem?
My code looks like
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="10000" slidingExpiration="true"/>
</authentication>
FormsAuthentication.SetAuthCookie(userName, rememberMe);
If your application domain is being shut down and you have no machineKey section in Web.config (or validationKey/decryptionKey="AutoGenerate") you will get new validationKey/decriptionKey after every application start and authentication cookies will become invalid. Visit http://aspnetresources.com/tools/keycreator.aspx and add generated machineKey section into your Web.config.
Related
I have one mvc5 application with few subdomains like this:
example.com
ex1.example.com
ex2.example.com
When I log in to example.com i'm not logged in other subdomains. I added in web.config following node:
<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="~/Account/Login/" protection="Validation" timeout="120" path="/" domain=".example.com"/>
</authentication>
But it still doesnt work :(
Please help.
Check that you are using the same machine key for for each of the applications in the subdomains. Also you may need to set the machine key compatibility mode to Framework20SP2.
Edit:
Take a look at this post as well: ASP.NET Identity Cookie across subdomains
I have a site on IIS configured to use Windows Authentication type.
What I need to do is to have ability to skip displaying Windows credentials prompt for users which are connecting outside the domain. In the case of outside access I need to redirect user to custom login page on the same site (based on Windows Authentication).
Can you please tell me if there any ability to do that?
UPDATE : site on IIS configured to use Windows Authentication type - and it shouldn't be changed
Change authentication mode your web.config
Something like:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
I want users to be able to login once and not worry about having to login again until they explicitly logout using FormsAUthentication in ASP.Net 3.5.
I have mention in web.config
<authentication mode="Forms">
<forms name="_AuthCookie" loginUrl="~/LogIn.aspx" defaultUrl="Default.aspx" timeout="50000000"></forms>
</authentication>
But the user logging out after 20 mins.
Please help me on this...
Check IIS.
IIS supersedes what your web.config sets as a timeout.
Select Default Web Site > Properties > Home Directory > Application Settings > Configuration > Options.
I'm not sure what the max is, or if you can set it to only expire once the user actually logs out (FormsAuthentication.Signout() + Session.Abandon() )
Perhaps using slidingExpiration would help, but not sure.
I use asp.net cookie in my application here is my web config :
<authentication mode="Forms">
<forms path="/"
defaultUrl="Default.aspx"
loginUrl="Login.aspx"
name=".ASPXAUTH"
slidingExpiration="true"
timeout="3000"
domain="www.mysite.com"
cookieless="UseDeviceProfile"/>
</authentication>
it works fine but I have a problem, after some days when a user has been working with the site application, suddenly my login control didn't work. I found out it will work after deleting temporary files.
Edit : Please pay attention to domain when User request www.mysite.com every thing is okay but without "www" login doesn't work. in firefox they are working very good. this is IE problem.
How I can solve this ?
It's about your Host and server (IIS Service provider), it seems like they change some default script files in your "aspnet_client\system_web\2_0_50727" folder like "WebUIValidation.js" or "SmartNav.js". Those are ASP.net default scripts. If you change your Host provider, you will see its working good and (Cross Browser).
I'm running the latest version of YetAnotherForum in a folder beneath my main WebApplication. The subfolder is configured as an application in IIS and navigating to the folder and logging in works wonderfully. YAF is setup with a membership provider and uses Forms Authentication.
What I'm trying to do now is to auto login a user into the forum from the main website. The main website uses custom authentication through sessions and cookies. It doesn't use any of the built in ASP.NET authentication or membership components.
So basically what I want to happen is that when a user click on a link to access the forums, they're sent to a processing page that authenticates them into the YAF Application before it sends them over to the subfolder.
Even though the main app doesn't use the built in authentications pieces, I've still set the authentication mode to forms and made sure the tag beneath that matches the one in the YAF web.config. Then, on the processing page I'm calling FormsAuthentication.SetAuthCookie(username, true), then redirecting. But YAF kicks me back to the login page anyway. Not sure where to go from here.
Main site is:
example.com/
web.config:
<authentication mode="Forms">
<forms name=".YAFNET_Authentication" protection="All" timeout="43200" cookieless="UseCookies" />
</authentication>
YAF is:
example.com/yaf (Seperate WebApplication in IIS)
web.config
<authentication mode="Forms">
<forms name=".YAFNET_Authentication" protection="All" timeout="43200" cookieless="UseCookies" />
</authentication>
Processing page is: (in pseudo)
example.com/autoLogin.aspx.cs
public void AutLogin(){
string userName = doStuffToGetUsername();
YAFStuff.CreateUserIfNeeeded(userName);
FormsAuthentication.SetAuthCookie(userName, true);
Response.Redirect("/yaf/");
}
I'd been searching Google for 2 days trying to sort this out, but I finally stumbled onto the solution. I needed a MachineKey that matched on both web.config files for the encryption process.
http://forum.yetanotherforum.net/yaf_postst8780_Custom-membership-and-role-provider-with-YAF-Profile-provider.aspx
Sweet!