.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Auth. across subdomains prevents Auth. on development machine

Posted By:      Posted Date: September 16, 2010    Points: 0   Category :ASP.Net
Is there any solution to the following scenario (which I'm in right now)...? I have 2 related websites under 2 related but distinct subdomains, 1 web server, 1 membership database Prior to configuring  these for cross-domain login, I could test the website in my development server that comes with VS2008. Then i make the following changes in the web configs of each site: identical authentications->forms element, both referencing the same domain identical machinekey elements identical membership, profile, and role providers with applicationName="/" And now, I just can't login. I can reset the password, access the db, etc, but i think because the development machine isn't in the subdomain or something, it won't let me test the rest of the authenticated-users-only pages. It's a very simple test I'm trying to do. There's very few pages, and a barebones webconfig in each, except for the elements inserted above. How can I get this to work so that I can test/debug from my development machine and still login and do everything I need to?  Thanks!

View Complete Post

More Related Resource Links

WCF Windows Auth (NTLM) Problem when Client and Server are on the same machine


I have WCF service being hosted in IIS with windows auth enabled, it is running under NetworkService account .  I have a simple method on my WCF service which just reflects the identity of who is calling it.


public string RefelctIdentity()



return HttpContext.Current.User.Identity.Name;


I am using IIS to authenticate the user and pass me the WindowsPrincipal in the HTTP context.

I am consuming the WCF service witha client used in a WindowsService that is being run under the NetworkService account.  When the WindowsService.  When running b

HttpWebRequest NTLM auth to secure server only works in .NET 4

Hi, I am trying to connect to a secure server via a proxy server which requires NTLM authentication, somewhat similar to http://social.msdn.microsoft.com/Forums/en-US/netfxnetcom/thread/a4aba6c5-6180-441e-ab60-95347fcdc051 The test app below fails with a 407 error when target framework is set to .NET 2, 3, or 3.5, but succeeds w/ .NET 4: static void Main(string[] args) { WebProxy myProxy = new WebProxy(); myProxy.Address = new Uri("http://testproxy.here.com:3121"); myProxy.Credentials = new NetworkCredential("proxyuser", "password", "testproxy.here.com"); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(new Uri("https://testserver.here.com/sessions")); request.Method = WebRequestMethods.Http.Post; request.ProtocolVersion = new Version("1.1"); request.Credentials = new NetworkCredential("username", "password"); request.Proxy = myProxy; allDone.Reset(); request.BeginGetResponse(new AsyncCallback(GetResponseCallback), request); allDone.WaitOne(); } private static void GetResponseCallback(IAsyncResult asynchronousResult) { HttpWebRequest httpWebRequest = (HttpWebRequest)asynchronousResult.AsyncState; HttpWebResponse httpWebResponse = null; try { if (httpWebRequest.HaveResponse == true) { httpWebResponse = (Htt

SQL changes from Mixed to Windows auth mode after SQL updates

We run a SQL 2005 cluster on Windows 2008 in Mixed authentication mode.  The last two times we have applied a SQL security patch, it automatically changed the auth mode from Mixed to Windows-only, taking our applications offline.  Most recently was today, when we applied KB970892. Can someone explain why this is happening and how we can prevent it?

SharePoint 2010 Claims Based Authentication - anonymous site is prompting for CBA auth when opening

Hi, I have CBA setup successfully on my sites.  One site is setup for anonymous access and I have disabled "client integration" on that web application. I have a list of MS Office documents on a wiki.  When I click on one I am asked to either save or open or cancel.  Saving works fine but when I choose open, it launches the associated MS Office app.  I am then prompted for a login from CBA.  I can click cancel and the logon screen appears again.  After clicking cancel the 2nd time the document appears in the MS Office app, Word in this case. My question is how do I prevent my users from being prompted for a CBA login when clicking on these files and opening them in the native app on their machine?      --TR

Windows Auth Web App extended to FBA, and only one web app at a time is allowing SSL

I had a farm with about 6 web applications, all using SSL. I just created another web app and extended it to use FBA. I attach a self-signed cert until its ready for prod (in IIS 6 using SelfSSL.exe), both web apps have dedicated IP's, which set under the WebSite tab in the site's properties, as well as "Multiple SSL identities for this Web Site" and the host header is listed above that in "Multiple identities for this web site" and both are listed as having the https:// protocol in Alternate Access Mapping in Central Admin. Everything is set to use port 443, both in Sharepoint and in IIS. But only one of these two web apps will allow an SSL connection at the same time, I can get SSL to work on either one individually, but as soon as I can hit the site with https:// protocol, the other site stops working with SSL, yet can be hit with the http:// protocol. what gives? Thanks

Claims Based Auth Corrupting Permissions?

So I'm noticing everytime I enable claims based authentication on a web application all pre-existing windows based permissions fail. I believe this is due to the Identity Manager presenting a different account than those present from Classic mode authentication. You can see below that the Classic Mode Account's list the normal domain\username while the claims based version of the same account is completely different and causing a mismatch. So I figure I must be missing something obvious for how to migrate to claims based, they can't honestly expect people to redo permissions across their entire sharepoint instance. Example (DisplayName followed by Account): Name: All Authenticated Users Account: c:0(.s|true Name: NT AUTHORITY\authenticated users Account: NT AUTHORITY\authenticated users Name: DOMAIN\domain users Account: c:0+.w|s-1-5-21-2428780107-2384587425-257213858-513 Name: DOMAIN\domain users Account: DOMAIN\domain users

Windows Auth - still showing login prompt in IE...

Hi, I'm trying to setup my IIS 7.0 MVC2 site but having problems. I want to use Integrated Security so that the app can obtain the user's credentials. We can then do a look-up of some AD groups to determine what they can do from that point onwards. The problem is - Every time we browse to the application, instead of navigating to our main page immediately, we get a login prompt provided by IE. I've read that we need to make sure that in the browser's Tools->Options->Advanced-> (Securiy-> ENable Windows Intagrated Security) must be checked - which it is on ALL 3 machines where I try this. The machines AND the server are all in the same domain. My config file states <authentication mode="Windows" /> and I've tried every combination for <identity...> and <authorization...> but to no avail. I can only get the "login" prompt to go away if I enable Anonymous Authentication - but then I can't detect the windows user or their group membership. What is causing the perpetual display of the login prompt - Its driving me mad ! Help...

Deploying taxonomy term store and managed meta column from development machine to production machine

Hi, In my development environment, I created a taxonomy term store by importing a CSV file. I also created a site column of type "managed meta data" based on that term store. Now, I want to migrate to production environment. What is the best way to do this? When I generate the schema of my site column, it looks like this: <Field Type="TaxonomyFieldTypeMulti"    DisplayName="Article Type"    List="{d8b20e4f-ce12-4def-b59d-d44da2c13234}"    WebId="eef74e7c-a852-4c89-b811-e31b86853641"    ShowField="Path1033"    Required="FALSE"    EnforceUniqueValues="FALSE"    Group="Custom Columns"    ID="{47f78411-65fa-43c9-8cb8-68955aea1256}"    SourceID="{eef74e7c-a852-4c89-b811-e31b86853641}"    StaticName="Article_x0020_Type"    Name="Article_x0020_Type"    Version="4"    Mult="TRUE"    Sortable="FALSE"> <Default></Default> <Customization> <ArrayOfProperty> <Property> <Name>SspId</Name> <Value xmlns:q1="http://www.w3.org/2001/XMLSchema" p4:type="q1:string" xmlns:p4="http://www.w3.org/2001/XMLSchema-instance">99d

what are valid client credentials in windows auth?

I just finished configuring a service to use net.tcp binding and use security mode of Transport with Windows creds.  Previously I had been using security mode none, but I'm trying to improve things. So this works for client computers that are members of my domain.  But when I try to launch the client on a computer using a local account login that is not a member of the domain, I get "The server has rejected the client credentials". In order for "Transport" mode "Windows" credentials to work, do all clients have to be run from domain authenticated workstations? How can I get my client to run from this non-domain computer?  Its on the same network, but not a member of the domain. -Ethan Nelson

Differentiate between Windows Auth and Forms Auth users when authenticating against same AD with Sha

I am currently working on a SharePoint 2010 project where the environment is setup with a SharePoint web application using claims based authentication. The web app is created on port 8081 using Windows Authentication for auth, and extended to port 80 using Forms Based Authentication.

The forms authentication provider is setup to use the same active directory as the windows auth based site, using the following entries in the application's web.config (the entries are in the central administration and security token service web.config files as well):

        <membership defaultProvider="i">
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add name="FBA_AD_MP" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADFBAConnectionString" enableSearchMethods="true" attributeMapUsername="userPrincipalName" />

moss07 calling wcf service - caller not auth by service


I've got a moss2007 web part that is calling a wcf service. I can call the service fine outside of moss and it works fine. when i convert the user control into a web part and make the call I get:

System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target) at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout) at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout) at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout) at System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(SecurityTokenProvider tokenProvider, TimeSpan timeout) at System.ServiceModel.Security.SymmetricSecurityP

ASP 4.0 and Custom SQL Server DB for Forms Auth


Hi, I have done some research and tried to find answers on how to integrate forms authentication with ASP.NET but all I can find is for 2.0. I don't mean to sound ignorant or annoying about it, but does anyone have a quick link to somewhere where I could find out how to integrate a custom SQL Server DB (with username, password, id, etc columns for user) with ASP.NET 4.0?

My application is actually a Silverlight Business Application where I am trying to log in/register users in a separate Database in a SQL Server 2008 engine.

If you don't have a link, but instead suggestions, anything would be much appreciated! Thanks,


ASP.NET Forms Auth - exclude "/" root from being authenticated


Hi All,

 We have a weird issue found during setting up a new Windows 2003 Server with IIS6.0 & ASP.NET 2.0, our site is built using ASP.NET forms authentication with general authorization to deny access to all users & allow explicitly to static, home pages etc, -- web.config setting for forms auth looking as below:

         <authentication mode="Forms">
            <forms name="appNameAuth" path="/" loginUrl="~/Pages/Users/Login.aspx" protection="All" timeout="60" defaultUrl="~/Pages/Inner.aspx">
            <deny users="?"/>

Issue is this:

If we access the site as http://localhost/default.aspx works fine & can view the home page of our website, but if we access using http://localhost/ - expect to view the default.aspx (as it's set as default document), but for some reason ASP.NET Forms Authentication thinks "/"

Problem with Sharepoint 2010 - Claims Auth - Windows Auth and FBA. consistent redirects back to "cho


We have sharepoint 2010 foundation site that we can successfully login with via IE, Firefox, Chrome both on the domain and externally with Claims Authentication with only Windows Auth type selected (NTLM).

Once we add FBA and use the default signin page, we can still login (we select Windows Auth from the dropdown) BUT it only works on the domain. When we try to access externally, the only browser that works is FireFox. Both Chrome and IE just constantly redirect back to the Choose Authentication dropdown screen.

We have tried for the last 2 days to sort this out. Has anyone else experience this? It looks like the default sign in page somehow doesn't set the cookie for IE and Chrome and just bounces us back to the sign in page...

Thanks for any info...

To clarify, we are not even using the FBA yet. We are trying to login only with the windows auth and domain accounts...

WCF Data Service as Forms Auth ASP Auth Source



I was wondering if it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties. Please Help!!! Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Collections.Specialized;
using System.Web.Security;
using System.Configuration.Provider;
using System.Configuration;
using System.Data.Odbc;
using System.Text;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Data;
using nGreekApplication.Web.nGreekService;

namespace nGreekApplication.Web.Services
    public class nGreekProvider: MembershipProvider


Claims Based Auth timeout?


When using Claims authentication with FBA membership provider is there a way to configure the FedAuth cookie to expire when the user closes his or her browser or at a particular interval?  I've tried setting the timeout attribute of the <forms> tag but when I look at the auth cookie the timeout value is the same 10 hour window. 

hardcode windows auth- UN/PW


I know this is a poor idea, but it is meerly a starting point for me.

How can I hardcode  and pass the username / password information in an httpmodule (c#) for a windows based authentication app?

I.E i want to get to a site where i would normally need to enter username and password because authentication is set to windows, but i dont need to enter it because a httpmod is automatically passing the credentials along and i automatically get in.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend