ASP.NET Windows Authentication, Domains and Roles

Posted: Dec/24/2009 By: pankaj Points:15 Category: .NET - ASP.Net Views:230 Vote Up (0) Vote Down (0)

We are using windows authentication for a web application and have the roles defined in the web.config for each page.
The problem is that we have to have them in the form DOMAIN\RoleName which means when we deploy it to a different domain we have to do a search and replace.
So is there either:

View Complete Post

Comments:

Be the first to comment this post.

Post Comment

Please login to post your comment

More Related Resources

Manual Sign Out in ASP.NET Forms Authentication

I utilized forms authentication as provided by ASP.NET engine. At first, everything worked well until there was a need to manually sign out current user. Quick look into MSDN documentation revealed SignOut() method of FormsAuthentication class. The documentation promised that this method signs out the user and redirects the client to login page. Considering the fact that I did not care about redirect (Flex application was running on the client side, so that redirection did not have any effect), I was hoping that the method would still perform desired effect and "de-authenticate" (I know, I know, that is not even a word) current user. At first, it seemed to work, but debugging revealed that even though this method removed authentication cookie, it did not sign out the user. User's identity was still marked as authenticated and subsequent calls to the Http handler would be considered authenticated. Furthermore, the session object was still valid, so that existing session information was still available. Quick look into MSDN revealed Session.Abandon() method, which would destroy session object upon execution. However, even though the session object was destroyed, client calls to ASP.NET web application were still considered authenticated. It was time to search the web to see if other developers faced the same issue.

Membership and roles?

Anyone knows good tutorial of membership and roles in MVC?

!!!Still Help needed on Forms authentication timeout

here is the case:

1. login to a page

2. waiting until my timeout

3. when clicking a new page after timeout, it goes to the login page... (expected)

4, after login, i want to go to the page i just clicked before the login...(how can i remember the page address i clicked so that i can redirect to the new page after login)

how can i accomplish No. 4 there after 1, 2, 3?

and

is there a timeout event on number 2 there(really i also dont know where to set the new address, i am think there must be an event on timeout which allow me do that, but i don't find it so far)? i am not talking about the OnLoggingOut Event.....

thanks......

Authentication cookie getting created on opening login page

Hi,

I am maintaining an application and when I open the Login page (NOT login), the Forms Authentication cookie gets created. I have checked in the Fiddler to confirm. On decrypting the cookie, it shows its an empty/junk cookie with values:

Name="-1"

IsAuthenticated= True

I have checked the code to see if there is any place where we are creating the cookie manually however could not find so. I have commented the code in the pageLoad event of the Login page and also the code for Application_AcquireRequestState, FormsAuthentication_OnAuthenticate, Application_AuthenticateRequest events in Global.asax file. But still the cookie gets created.

The Web.Config entry for the Forms Authentication is:

</forms>

</authentication>

</authorization>

Please suggest what other setting can cause the Forms Auth cookie to get created even before the login.

Thanks for your help!

Regards,

Arjun

</forms>

</authentication>

</authorization>

Problems Installing AKS 1.1 on Windows Server 2008 x64bit

Hi all,

I am trying to install AKS 1.1 (not 2 or 1.0 cuz thats the only release i was able to find on aks.hisoftware.com) on a windows server 2008 x64bit machine.

the toolkit installs in this location: C:\Program Files (x86)\HiSoftware\AKS .... but nothing in the 12\template\features folder.

the script install_AKSFEAT.bat refers to a feature name "AKS", but i cannot see the feature anywhere in the features folder, and i cannot see a WSP pacakge to deliver this feature to sharepoint!

i event tried to look for the feature manifest to reverse engineer the works of the feature but no luck finding this file in the AKS install folder.

what am i missing here? how can i get AKS 1.1 to install properly and the feature to activate? please HELP!!

- mutaz

Authentication failed because the remote party has closed the transport stream (Infopath Webservices error)

Hello,

Problem:

I am getting a similar but not the same inner exception.

My form works fine in infopath client as well as on one of my two web front end servers.

But I get the below error on my central Admin server which hosts Office Server web services.

Solutions tried which didn't work:

1. I have tried the DisableLoopback and the solution given here

2. http://social.technet.microsoft.com/Forums/en-US/sharepointsearch/thread/b1ba71ec-499a-44a0-81de-6165c660b80a

Stack Trace:

12/14/2010 15:54:57.61 w3wp.exe (0x1268) 0x118C Forms Server Forms Services Data Objects 13zh Exception System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream. at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.runTryCode(Object userData) at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedClean... e0b5ef64-081b-45d4-9e77-9f767c5b4081

12/14/2010 15:54:57.61* w3wp.exe (0x1268) 0x118C Forms Server

Excel Services data connection issue. Single environment, none authentication

I really need someone's help to configure my SharePoint 2007/ Excel services connectioon to SSAS 2008. It surely cannot be that complicated???

MOSS on server 1
SSAS 2008 cube on server 1
Trusted data provider created (OLE DB, MSOLAP.4)
Trusted data connection library created
Trusted File location created - children trusted, allow external data = "Trusted data connection libraries and embedded"
Unattended Service Account - setup

I use Excel and create a new .odc file with athenticated type = NONE and save it to the Trusted data connection library. Using the odc I open a new workbook. I firstly get a security warning saying that "MS Office has identified a potential security concern. Data connections have been blocked. If you choose to enable data connections..."

I click on Enable, and now have access to my cube. I create a pivit table and chart and publish the workbook back to a child folder in the Trusted File location. All okay so far!!

Now I open the new workbook, and as soon as I try and interact with it, I get the dreaded error "Unable to retrieve external data for the following connections:

BI_Cube_PO01

The data sources may be unreachable, may not be responding, or may have denied you access

Verify that data refresh is enabled for the trusted file location and that the workbook data authentication is correctly set"

I really think the MOSS guys are missing a trick here. This should not be this difficult to set up and complaints and hassels to get this working is so well documented online!!

I do not want to use SSO - can someone please help.

Sharepoint subsite cannot be accessed from alternate domains

We are running a sharepoint site with a subsite for our telephone directory. The sites are hosted on servers within our London domain. We have users in multiple domains accross our network who access these sites. Up until a week ago this was working correctly however we are now getting an error accessing the subsite for anyone outside the London Domain.

When trying to access the subsite from a computer on a different doimain (e.g. Leeds), the user is prompted for their username and password which is fine. However after entering their details they get either an error 500 page cannot be displayed, or if using firefox they get a simple line of text saying "No Authority could be contacted for authentication". If within sharepoint we login as a different user and use credentials for the lodon domain the subsite page displays without any errors.

We had assumed that this was a problem with the credentials for users outside of London however, if we use a computer on the London domain, load the sharepoint site and login with a Leeds domain users credentials, the subsite works absolutely fine. So the problem only seems to exist when trying to access the site from a computer on a different domain.

Any help would be greatly appreciated. If you need any further information please let me know.

Thanks

Steve

2 domains in sharepoint business portal - we can add users to sharepoint but not to Business Portal, any idea?

Hi,

We setup a windows 2003 server with sharepoint 2007 using an administrative user from DOMAIN-A. Then we stablished a trust relationship in one way with DOMAIN-B.

With that, we are able to see users from domain B in domain A and in the server, and that works for sharepoint 2007 in order to add users and profiles, however inside Business Portal we are not able to see users from domain B.

Any idea?

Thanks.

downloading multiple files without "Open with Windows Explorer"

Hi,

I have got a document library onto which a large amount of pdf documents are uploaded every day. Some of the users of my SharePoint site log in via Form authentication. These users want to download the above documents, but it takes too long to do one-by-one. They want to download multiple documents at once. As they are not logged in via Windows authentication, the "Open with Windows Explorer" doesn't work for them.

Is there any alternative to allow users to download multiple files at once? A webpart, for example?