forms-authentication

问题 I have an ASP.NET MVC3 application deployed to a shared hosting service. It uses FormsAuthentication and SSL: <authentication mode="Forms"> <forms loginUrl="~/Home/Index" timeout="240" requireSSL="true" /> </authentication> The problem is in some Razor (partial) views: I execute a callback to a controller method which, for purposes of testing, simply sleeps and returns a PartialView. My question revolves around Response.IsAuthenticated. It is true before the callback and sleep and remains

问题 I am using FormsAuthentication for my current project. I am facing an issue. I am saved some user information to FormsAuthenticationTicket.UserData string its working fine if user just login and redirect to main page, but if user check Remember Me checkbox and login again then i am getting UserData as a emoty string. Here i am creating Authentication ticket after Login private void CreateAuthenticationTicket() { var userInfo = new UserProvider().GetUserInfo(UserName); if (userInfo != null &&

问题 A) Why, when using templates with CreateUserWizard control, does including Textbox with ID=Email depend on whether CreateUserWizard.RequireEmail property is set to true, but TextBox with ID=Question is required only if underlying membership provider requires password question? In other words, why wouldn’t it also be up to underlying membership provider to decide whether Textbox ( with ID=email ) is required? B) On the other hand, why would be up to membership provider to decide whether

问题 Following this title, in my web.config, it's generated by VS 2012. Now, i don't know where i put the below code in web.config through i saw someone put it in <system.web> but in my web.config it have only <system.web.webPages.razor> and <system.webServer> . When i put this code somewhere in web.config I get an error at <authentication mode="Forms"> : There's code : <authentication mode="Forms"> <forms loginurl="~/Comfirm/Login" timeout="2880"></forms> </authentication> 回答1: You are putting it

问题 I have a web application where forms authentication is used. The user names are the same that the ones used by the users in their computers, so they want the web app to be able to detect that user name so the app can log it the user automatically. How can it be done? I mean, if I set the authentication mode to "Form" do I still get those credentials from IIS? I know this can be done in several better ways than this, but I am interested in this particular way. As it is a small web app in an

问题 I have a web application where forms authentication is used. The user names are the same that the ones used by the users in their computers, so they want the web app to be able to detect that user name so the app can log it the user automatically. How can it be done? I mean, if I set the authentication mode to "Form" do I still get those credentials from IIS? I know this can be done in several better ways than this, but I am interested in this particular way. As it is a small web app in an

问题 I have a web application where forms authentication is used. The user names are the same that the ones used by the users in their computers, so they want the web app to be able to detect that user name so the app can log it the user automatically. How can it be done? I mean, if I set the authentication mode to "Form" do I still get those credentials from IIS? I know this can be done in several better ways than this, but I am interested in this particular way. As it is a small web app in an

问题 Our SSO login process uses Forms Authentication against a custom user store in SQL Server. One of our new security requirements is to only allow an account to have one active session at a time. So any time a user logs in, we will check to see if the login credentials are already active, and preferably prevent the new user from logging in again until the other session ends. Alternatively we could force the other session to end, if that would be easier to implement. Is there a simple way to do

问题 We have an MVC app which has a custom forms authentication view/controller. The controller will verify things and then do a FormsAuthentication.RedirectFromLoginPage call. At this point in the Global.asax we'll receive a Application_OnAuthenticateRequest call from where we'll get their Context.User information and make another call to gather information relevant to this account which we then store in their Context.User & System.Threading.Thread.CurrentPrincipal. We also do a little caching of

问题 We have an MVC app which has a custom forms authentication view/controller. The controller will verify things and then do a FormsAuthentication.RedirectFromLoginPage call. At this point in the Global.asax we'll receive a Application_OnAuthenticateRequest call from where we'll get their Context.User information and make another call to gather information relevant to this account which we then store in their Context.User & System.Threading.Thread.CurrentPrincipal. We also do a little caching of