How exactly can one implement a Log off function when using ASP.NET Forms Authentication on an intranet application?
How will this work if I am an administrator and want to log in "as someone else" into the application?
Please share your ideas
FormsAuthentication.SignOut(); ;)
The preferred authentication for an intranet application is to use windows authentication instead of forms authentication.
In which case you can just log off of windows and login as "someone" else.
Don't forget to also add Session.Abandon() to ensure session data is purged as well
Related
What is the way to do the aboslute same app BUT with user authentication? https://learn.microsoft.com/en-us/aspnet/core/tutorials/first-mvc-app/?view=aspnetcore-2.1
If I just select the user authentication in the beginning, the migrations get messed up and MvcMovie link remains unresponsive.
Thanks!
Try to read this blog from Microsoft. This will help you start how to implement Identity and Authentication
I would like my ASP.net MVC5 application to authenticate against my active directory. Using "Windows Authentication" when creating my project works fine but I would like to do that same thing using a interface similar to "Individual user accounts". That way my users would be able to log out whenever they want and log in again as a different user. All I want is "Windows Authentication" but with a login form and a logout option.
I have tried everything but nothing seems to work, is this so difficult to do?
Thanks in advance for your answers
Windows Integrated Authentication uses Kerberos, so the Webserver (probably IIS) will handle the Authentication for you - your application does not have a chance to intercept this behavior.
But there is a way to do what you want:
http://msdn.microsoft.com/en-us/library/ff650308.aspx
I have an ASP.Net side that right now works with Forms Authentication. I'm implementing several Rest webservices with Web API and, in order to use them outside the browser context (e.g. a console app) it feels like I'll need Basic Authentication (refer to http://www.asp.net/web-api/overview/security/forms-authentication)
However, when I try to enable both Forms and Basic Authentication at the same time in IIS, IIS Manager tells me the following: "Challenge-based and login redirect-based authentication cannot be used simultaneously".
What should I do and how can I enable Basic Authentication so I can use Web API services outside a browser context?
Thank you.
Check this post which solves your issue http://kevin-junghans.blogspot.com/2013/02/mixing-forms-authentication-basic.html
This is bugging me, but think I traced the problem down to working on a Forms Authentication App and now I have switched back to trying to use Windows Authentication, but for some reason just wants to keep using Forms Authentication.
Have just the usual in the web.config, even tried Signing Out of Forms Authentication, but still insists on working in Forms Authentication.
So the up-shot is I get when trying System.Web.HttpContext.Current.User.Identity.Name is a nice Empty string and user is not Authenticated.
How do I get my Windows Authentication back ?
cheers
Michael
Check that the web application folder is configured to use Windows authentication in IIS, also check the content files, they should inherit the parent permissions. Also re-check the authentication mode in your web.config file, make sure it's set to Windows.
I have an ASP.NET application using Windows Authentication.
At the moment the only way for a user to log-off the application is to close the browser (it is a pain because closing the tab itself is not enough).
I would like to have a log-off button so make it easier to log-in as a different user.
Is it possible at all (IE and/or Firefox)?
Thanks.
Found it:
ASP.NET Windows Authentication logout
You should use forms auth if you want to show good ui login, logout forms.
Via IIS you can verify ldap users.