Stack Overflow
Stack Overflow

Questions tagged [asp.net-authentication]

Questions regarding ASP.NET identity authentication methods

ASP.NET, in conjunction with Microsoft Internet Information Services (IIS), can authenticate user credentials such as names and passwords using any of the following authentication methods:

  • Windows: Basic, digest, or Integrated Windows Authentication (NTLM or Kerberos).

  • Forms authentication, in which you create a login page and manage authentication in your application.

  • Client Certificate authentication

ASP.NET controls access to site information by comparing authenticated credentials, or representations of them, to NTFS file system permissions or to an XML file that lists authorized users, authorized roles (groups), or authorized HTTP verbs.

ASP.NET Web Application Security

185 questions
2
votes
1 answer

ASP.NET: What is the purpose of IAuthorizationService

I am trying to understand the ASP.NET policy-based authorization mechanism, and I understood that I need to do the following: Set up a policy Assign requirements to that policy Define authorization handlers to these requirements which perform the…
yuvalm2
  • 866
  • 2
  • 10
  • 27
2
votes
0 answers

Need help understanding Authentication and Identity concepts in ASP.NET Core 2

I've read the Authentication section of the ASP.NET Core 2 documentation and I obviously got them to work but I'm still unclear on several terms/concepts in Authentication and Identity in ASP.NET Core 2. Specifically: What are ClaimsIdentity and…
frezq
  • 653
  • 8
  • 18
2
votes
3 answers

Asp.net MVC Authentication how does the Authentication work

May be my question is crazy. 1) ASP.net MVC is stateless, so there is no session involved in here. How does the authentication module work and do you have any articles which you can point me to understand the Authentication basics. What are the…
bhushanvinay
  • 449
  • 1
  • 5
  • 21
2
votes
0 answers

Random NullReferenceException on Asp.Net Core 2.1.1 View

I have an Asp.Net Core web site with a view that is bound to a simple view model. .NET Framework 4.6.1 Microsoft.AspNetCore 2.1.1 For the majority of requests it works as expected. Randomly (approximately 1-5 out of 100 requests) it results in a…
Fanetic
  • 522
  • 5
  • 15
2
votes
3 answers

What is the minimum ASP.NET provider implementation I need to get a user authenticated and authorized?

By default ASP.NET MVC setups up the AccountController to use the SqlMembershipProvider, SqlProfileProvider and the SqlRoleProvider. I don't really need everything that brings to the table, in fact, it is more of a hassle to shape my data into that…
jedatu
  • 4,053
  • 6
  • 48
  • 60
2
votes
0 answers

Asp.Net Core 1.0 authentication migrating to 2.0

I have a web API that I want to migrate to Asp.Net Core 2.0. The API is secured and I want to migrate it to 2.0, because we finished first circle. I tried something, but when I protect my controller with the [Authenticate] attribute, the controller…
Wasyster
  • 2,279
  • 4
  • 26
  • 58
2
votes
2 answers

Difference between Forms based authentication and Token based Authetication

How to decide which authentication to use for authentication. (Ex: Forms based Authentication or Token Based Authentication). What are the merits of using Token based Authentication over forms/session/cookie based authetication. I have read…
gorp88
  • 105
  • 14
2
votes
1 answer

AspCore 2.0 and IdentityServer v3, Audience Validation Fails

Given: IdentityServer v3 Client WebApp with aspcore 2.0 Scenario: When using aspcore 1.1 with Identity Server v3 I needed to set LegacyAudienceValidation = true (see .net core Client doesn't authenticate with IdentityServer v3 - Offset in…
Boas Enkler
  • 12,264
  • 16
  • 69
  • 143
2
votes
1 answer

ASP.net MVC removing repeated data calls

Ive got a asp.net mvc site that works with ASP.net Authentication. I have a UserInformation table which stores extra information on each user aswell. On pretty much every page i am calling to the database to pull the UserInformation record for the…
MattyD
  • 185
  • 1
  • 3
  • 14
2
votes
1 answer

How do you get asp.net anonymous authentication token for profile support?

So I have an asp.net Web Application (Not Web Site) that I am trying to support profiles for anonymous users. I have a form and I want anonymous users to be able to enter their name and email only once, and have that information automatically…
KallDrexx
  • 27,229
  • 33
  • 143
  • 254
2
votes
1 answer

Is using Passport authentication for my ASP.NET site secure? What are the other pros and cons?

I have been having a look at secure and 'correct' ways of handling authentication within my ASP.NET site and have found the Passport Authentication Provider. http://msdn.microsoft.com/en-us/library/f8e50t0f%28v=vs.71%29.aspx I've done some research…
litterbugkid
  • 3,534
  • 7
  • 36
  • 54
2
votes
1 answer

Current user with ASP.NET Forms authentication app

I am trying to retrieve the current user in my web application that uses ASP.NET Forms authentication. However, System.Security.Principal.WindowsIdentity.GetCurrent().Name returns domain\windowsUser, NOT the username that was used in the…
laconicdev
  • 6,360
  • 11
  • 63
  • 89
2
votes
3 answers

log out a user logged in from different browsers/machines using forms authentication

Consider the case of forms authentication with persistent cookies. If the same user logged in using two different browsers or two different machines, when user logs out from one of the browser/machine, wouldn't still he be able to login from the…
WriteEatSleepRepeat
  • 3,083
  • 3
  • 33
  • 56
2
votes
1 answer

ASPNetAuthentication -- where to find the minRequiredPasswordLength

Having a bit of trouble getting this right... The main objective is to have user configurable password strengths and here's where I get stuck: There's a setting in some config file somewhere that specifies the minimum password length to be seven and…
Dani
  • 2,480
  • 3
  • 21
  • 27
2
votes
3 answers

Authenticate ASP.NET user session with javascript

That standard demos for ASP.NET MVC 3 web site user managements include the following login process: User enters auth data. Data is posted to the server. Code that handles authentication attempts checks provided data with DB. If everything is OK -…
Maxim V. Pavlov
  • 10,303
  • 17
  • 74
  • 174
1 2 3
12 13