Stack Overflow
Stack Overflow

Questions tagged [.aspxauth]

Cookie generated by remote server that identifies the user and allows authentication to the server. The contents of the cookie is signed and encrypted.

Cookie generated by remote server that identifies the user and allows authentication to the server. The contents of the cookie is signed and encrypted.

More: what is ASPXAUTH cookie?

64 questions
2
votes
0 answers

ASP.NET Cookies duplicated for subdomain

I have two asp.net sites. one is like domain.com and the second is sub.domain.com. The domain.com sets aspxauth cookies on login and removes it (via expiration date in the past) on logout. The cookie domain is ".domain.com" so it's available on both…
lavrik
  • 1,456
  • 14
  • 25
2
votes
1 answer

.ASPXAuth Cookie changes during session

Is there any reason why, in the middle of an authenticated session, the .ASPXAUTH cookie would change its value? It doesn't seem that ASP.Net_SessionId has changed its value at the same point (and the session hasn't expired). Are there some rules…
Jon Egerton
  • 40,401
  • 11
  • 97
  • 129
2
votes
0 answers

How do you decrypt ASPXAuth, what is the IV?

Does anybody know what Key and IV are used to encrypt/decrypt the ASPXAUTH cookie? I think I have the Key part figured out. After extensive reading and research (and other questions posted here) I see ASPXAUTH uses the FormsAuthentication.Encrypt…
hahahahey
  • 89
  • 1
  • 3
  • 8
2
votes
2 answers

How do I invalidate a bad authentication cookie early in the request?

Scenario I develop an MVC application that will be hosted in Windows Azure. During development, I test against a local database and local user membership service. In production, the application hits off a SQL Azure database and a cloud-hosted user…
EAMann
  • 4,128
  • 2
  • 29
  • 48
1
vote
1 answer

In MySQL If 'CURDATE' is today, what is tomorrow?

I want bookings for tomorrow to receive an auto-email as a reminder, but I'm unsure how to only send to tomorrows clients. Set rs = Server.CreateObject("ADODB.Recordset") strSQL = "SELECT * FROM enquiries where emailaddress > '' and bookingdate =…
Danny Thompson
  • 13
  • 4
1
vote
1 answer

Include Azure AD authentication in legacy “aspx” project

I am searching a way to include authentication using Azure AD in a legacy web project (net framework 4 apsx) but I can’t found any doc or example, only for most recent MVC project, SPAs... Anyone have a reference for me?
GustavoAdolfo
  • 361
  • 1
  • 9
  • 23
1
vote
0 answers

.ASPXAUTH cookie missing sometimes

I'm having some trouble with one of our websites. We're using ASP.Net MVC 5, and the website is using HTTPS. After logging in, the user is redirected to a Secure page, which includes a cachemanifest. This cachemanifest specifies a list of 8…
KMoelgaard
  • 21
  • 3
1
vote
0 answers

iPhone App, WCF REST-based service, ASP.NET_SessionId and .ASPXAUTH

I plan to use WCF REST-based web services to communicate with an iPhone app. I'd like to maintain the ASP.NET_SessionId cookie and .ASPXAUTH cookie for the authenticated user across requests. Any suggestion on how you would accomplish this? Would it…
thd
  • 2,023
  • 7
  • 31
  • 45
1
vote
1 answer

.ASPX: How do I restrict web access to logged on users only?

► Problem: Anyone can access a webpage, but I only want logged in users to be authorized to access it. Background: Web Server = IIS 8 Server OS = Windows Server 2012 Framework = .NET 4.5 Environment = .\WebFolder\logon.aspx,…
Elias
  • 43
  • 6
1
vote
2 answers

Basic Website Web Form - How to link DropDownList to internal .aspx pages?

I'm relatively new to using VB, and am trying to do the following: Select DropDownList item upon Button click Link DropDownList items to internal pages I feel like this is basic stuff, but am having a hard time with it. Is this correct? 1 .…
Chris Allen
  • 17
  • 1
  • 6
1
vote
0 answers

Securing form authentication cookies MVC

We are developing a system (MVC3) where only /admin is over https and anonymous users allowed to perform tasks over http. We have engaged a third party to perform security assessment on our site, One of their feedback was that "Secure flag is not…
Jofedo
  • 11
  • 1
1
vote
2 answers

F5 Load Balancer- ASPXAuth Cookie

Can somebody explain what ASPXAuth cookie does? My website uses forms auth and I am trying to create a load balancer (hardware) rule which will keep track of sessions based on the aspxauth cookie. Is it safe assume that the value of the cookie is…
Emon
  • 801
  • 9
  • 26
1
vote
1 answer

Can't get FormsAuthentication to properly work with WCF

I have both the wcf and asp.net project together in the same project. (I'm running on Azure, so this is more convenient). I have this set in the web.config:
Mark E
  • 11
  • 1
1
vote
1 answer

asp:login no longer shows username as it is entered

My program starts with asp:login. It used to show a "suggested" username as I started to enter my username but for some reason stopped doing this. I have not made any changes to the login (that I am aware of although this could be a rookie oops). …
Bruce Smith
  • 27
  • 1
  • 5
1
vote
1 answer

ASP.NET auth cookie and session ID not cleared when Chrome browser is closed

I have a situation with both the .ASPXAUTH and ASP.NET_SessionId cookies not being cleared when the Chrome browser is closed, and not just the tab, but the entire browser and all browser windows. This is not happening in IE and Firefox. The auth…
David Spenard
  • 789
  • 7
  • 10
1
2
3 4 5