.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Who Goes There?: Upgrade Your Site's Authentication with the New ASP.NET 2.0 Membership API

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net

Here Dino Esposito and Andrea Saltarello cover the plumbing of the Membership API and its inherently extensible nature, based on pluggable providers. To demonstrate the features, they take an existing ASP.NET 1.x authentication mechanism and port it to ASP.NET 2.0, exposing the legacy authentication mechanism through the new Membership API.

Dino Esposito and Andrea Saltarello

MSDN Magazine November 2005

View Complete Post

More Related Resource Links

Problems with Forms Authentication in DD 4 site


Hello,  I am seeing a strange problem with Forms Authentication in my DD site.   A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

in web.config I have

     <authentication mode="Forms">
            <forms name=".Star" loginUrl="~/Login.aspx" protection="All" defaultUrl="~/Default.aspx" path="/" timeout="43200" cookieless="UseCookies" />     

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused.   Has anyone else experienced this or have any suggestions?  Thanks!

It's possible to using sharepoint services 3.0 hosted site without authentication login ?

It's that any way to able user read / write by without login authentication for sharepoint services 3.0. because i'm having problem when external user need to access to our sharepoint pages, but their can login to it.

MOSS Site with Basic Authentication and variations does not work on one node

Hi, We have one MOSS Farm with two nodes, on this we have several sites. For one specific site we have Basic Authentication and variations enabled in it, on one node site works fine. When we browse it pops-up for credentials and once credentials are provided it works fine and properly redirect to source variation home page. But on the other node when we browse the site it pops-up asking for credentials then after providing correct credentials it again asks for credentials twice and then it throws the following error : Access denied.   You do not have permission to perform this action or access this resource. And if we directly put the source site homepage url it throws following error: 401 UNAUTHORIZED We have checked the Alternate Access Mappings for the site and it is perfectly fine, if i enable windows authentication on the defected node the site works fine. This issue is just like pain in the neck still no resolution, please help us to resolve this issue. Regards, Jasjeet Singh

Planning common membership provider for different authentication providers

I am trying to implement form based authentication (FBA) membership provider that is able to support multiple authentication mechanisms. Take it as an self-training experiment. In this posting I will introduce bases of my experiment and introduce my current plans and ideas. Why membership provider for multiple authentication mechanisms? There are many people in the world who are users of some social network or some open services provider. Today Facebook and Twitter are very popular social networks. Also Google and Microsoft Live services are very popular although they are not social networks. But all mentioned systems provide their own authentication channels also to other applications. The question is: why should I have another username and password if I have already one at some of systems I mentioned before? Here, in Estonia, we are building local Microsoft community portal with local Microsoft. We analyzed the situation and decided to use Live ID as authentication mechanism in our portal. We were a little it worried too because we were afraid that there are load of users who are not happy with Live ID as authentication mechanism. And guess what - as time has shown us there is no reason to worry! Our ~2000 users (Estonia is small country) are all happy with Live ID and the ones who doesn't have Live ID yet can go and join Live ID - it's free. If you have no idea where I l

Cannot crawl sharepoint site and mysite after database attach upgrade form sharepoint 2007 to 2010.

After database attach upgrade site and mysite from sharepoint 2007 to 2010 , I have full crawl and get "The crawler could not communicate with the server. Check that the server is available and that the firewall access is configured correctly. If the repository was temporarily unavailable, an incremental crawl will fix this error. ( Error from SharePoint site: HttpStatusCode ServiceUnavailable The request failed with HTTP status 503: Service Unavailable. )" for mysite and get "Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository. If the repository being crawled is a SharePoint repository, verify that the account you are using has "Full Read" permissions on the SharePoint Web Application being crawled." for sharepoint site. The content access account for search is "db_owner" of both of site and mysite. How do I solved this problem ?

Use ASP.NET Membership store for user settings with Windwos Authentication

I am evaluating ASP.NET Membership for an intranet Silverlight app. I want users to be automatically authenticated for my application with their windows logon.Thus I configured Windows Authentication.I would like to store user settings like email-address in using the SqlMembershipProvider and not AD. It seems that storing user settings using the SqlMembershipProvider is not supported with Windows Authentication. Is this really so (using .NET 4)? If so: What is the rationale behind this?IMHO authentication, user settings and authorization are distinct aspects.User settings could easily be stored (identified by user name) using the SqlMembershipProvider with authentication and password management being supplied by Windows. What is the recommended solution for my scenario?

Changing an authentication of SharePoint site from SQL-FBA to Active Directory

Hi,      We are using MOSS 2007. I have customized a web application using Custom web part, features and ASPX pages. we have configured SQL-Form based Authentication for this site. I have also used FBA user management functionality from Codeplex. I have created some groups and my application (custom aspx page) is referencing these groups to send an email to specific person as per his role for certail events.        I have a requirement to migrate this set up on other server and change the authentication from SQL-FBA to Active Directory. So if I have to change the Authentication from SQL-FBA to AD then what are the steps I have to follow to make this happen?      I would appreciate any help on this. Thanks, Patav    

information on membership/authentication

Hi all,I am having a hard time deciding what sort of authentication method to use in my project.I will give you a run down on what I am trying to do.I am developing a project to use internally, but this project will probably be released main stream at one point. The user authentication needs custom fields defined for access to certian parts of the program. Now I don't fully understand the membership function in ASP.NET. But, can I use the default SQL provider for this? For example, we have an admin user that only has access to accounts. How can we specify this using the memembership system. How can I then create a user, who might be a customer who is only allowed to see their data.Basically I need to set a whole bunch of custom stuff in the database. Can this be achieved using the existing membership system?

First authentication on new site

Hello,I am taking an existing ASP.NET site with authentication, membership & roles and updating it. In the process I am pulling the authentication portion off of the site and using an SSO (through Central Authentication Services - CAS). I need to retain the use the membership and roles of .NET. Right now my site allows users to add an account and I approve and add them to groups. Since I will no longer do the account management I still need a way to add them to the proper groups once they have an account. The question is sort of a chicken/egg question... Since I am the admin I need to add myself first, but since the authentication is no longer local how do I do this? Do I develop a special function just to add my account and then other pages to manage the rest?Any suggestions would be greatly appreciated.'thanks,mitch

Upgrade Solution using a .wsp file created from a site template

Hello, I'm creating a new site template that I will need to move from my development to production server. I have saved the template as a .wsp file and installed it on my staging server without any problems. However, I know once the site goes into production that changes will occur and I will need to upgrade the site template. I have tried to make changes to my development site and save a new site template, and then move to my staging server and upgrade the existing solution using the below PowerShell command, but I get an error that the GUIDS are different and the solution cannot be upgraded. Command: Update-SPUserSolution -Identity MyTemplate v1.wsp -Site http://webapplication/site  -ToSolution MyTemplate v2.wsp Error: Update-SPUserSolution : Given solution cannot be upgraded to the provided ToSolution because the solutions have different Guids. Does anyone know how I would upgrade the solution when using a site template as the bases for the solution? Thanks, wm5

SharePoint 2010 Claims Based Authentication - anonymous site is prompting for CBA auth when opening

Hi, I have CBA setup successfully on my sites.  One site is setup for anonymous access and I have disabled "client integration" on that web application. I have a list of MS Office documents on a wiki.  When I click on one I am asked to either save or open or cancel.  Saving works fine but when I choose open, it launches the associated MS Office app.  I am then prompted for a login from CBA.  I can click cancel and the logon screen appears again.  After clicking cancel the 2nd time the document appears in the MS Office app, Word in this case. My question is how do I prevent my users from being prompted for a CBA login when clicking on these files and opening them in the native app on their machine?      --TR

WCF Membership Authentication and Winform Client Application Services

I am needing more validation of what I am doing versus solving a problem. I have a winforms application that uses Client Application Services to validate a user against a customer membership provider all over SSL.  This works fine.  My winforms application validates correctly. The winforms application uses WCF to call services that are installed on the same IIS server that is providing the membership services for the Client Application Services.  The WCF services use wsHTTP binding, transport security, username credentials, and validate against the same membership provider as the Client Application Services. It appears that although the service and Client Application Services are at the same URL, they do not share credentials between them.  Ideally, once I log into Client Application Services, any calls to a WCF service at that location would be automatically authenticated.  However, this is not true.  I have to pass the username and password into the credentials for the WCF service.  This works as expected where the username and password are validated prior to allowing a service call.  On subsequent services calls, it does not validate again since it has established the secure channel. So, does this sound like the best approach?  Is there a way to pass credentials from the Client Application Services to WCF automatically?  I

Changed to claims based authentication, now I can't access my site. Please help! Time is of the ess

I am in a pretty big bind. I have a sharepoint 2010 site, that was using classic windows authentication. It worked fine from the inside, and I was able to extend it to the outside and it was using https with an SSL certificate. However, my performancepoint reports and my external lists weren't working when the site was accessed from the outside. Apparently this is a known issue with using classic authentication on the outside, so I tried to switch over to claims based authentication. I followed this guide: http://blogs.technet.com/b/wbaer/ar...point-2010.aspx I obviously changed the contoso stuff to my domain name, and changed all of the config files. The problem is, now I can't access the site at all from the inside or the outside. Here is the error I get in my logs: code: An exception occurred when trying to issue security token: Could not connect to [url]http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas.[/url] TCP error code 10061: No connection could be made because the target machine actively refused it . My Sharepoint Central Administration site gives me this warning: code: The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state. Remedy Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, f

How to upgrade MOSS 2007 custom site definitions to SharePoint 2010?

I would like to know how to upgrade custom site definitions of MOSS 2007 to SharePoint 2010 in detail?

Upgrade to 2010 with corrupt site columns


Hope someone can help, have exhausted all googled solutions.

Recently upgraded from Moss 2007- ent to 2010 ent using database attach method, the only outstanding problem is with a custom site column type from codeplex -filtered lookup.

  1. When trying to access the site columns/ mngfields.aspx from the ui/sharepoint designer or  SharePoint manager I get the error- Field type FilteredLookup is not installed properly. Go to the list settings page to delete this field  -  or some variation
  2. When I try to view the site columns based on the 'filtered lookup type' using power-shell I cannot access them, zero return, yet can view all the other site columns (using names from the 2007 box)

So if the columns are not there where is the reference that is causing the problem and how to fix?.

Have been thru every site and list and deleted the offending columns, but surely this does not have any effect on the site columns mngmt page?

I don't want to remove the type from the 2007 server as this is our working model


anonymous site prompts for authentication when using https


I have extended a site in SPS 2010 and made it anonymous. When I go to the site http://site, it is okay. But when I go to the same site via https://site, I get prompted. What could be the reason. I am using a certificate from another site, so the certificate name does not match the site url, could that be the reason? I will be getting a certificate shortly.

Also on the same site, when I go into site settings via https:/site, I get a Microsoft Sharepoint foundation error. But I do not get the same error if I go to site setting using http://site. What could be wrong?

Lastly, is it possible to change the IP of the site to match the certificate url.

Please advise.

intranet site authentication against Active Directory


Hi all,

I am trying to build a web app for an intranet site that for security reasons needs to make the user type in their Windows or Active Directory username pwd manually. I have previously worked with Integrated Windows Auth but in this case, we do want them to use type in their AD credentials. 

I have been trying to look up how to do this and frankly I am a bit lost. It should be a fairly straightforward task and am hoping you can point me in the right direction, with some tutorials or examples. We will be using SSL so, dont have to worry about passing pwd in cleartext over the wire. 

My environment is visual studio 2008 in C#, .net 3.5 if that matters.

Any pointers ? Thank you. 

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend