I am creating an application in which I am using Live Id authentication. When the user tries to access an authenticated page, I am redirecting the user to Live Id sign in page. Is it possible to return the user to the previously asked page (from which he was redirected). Some thing like return URL.
Actually I want to pass some data in query string to webauth-handler.aspx page when the user successfully logs in. Can any body tell me how to pass query string to webauth-handler.aspx?
Thanks
Ashwani
When the user tries to acces a page that needs authenticated (prior to redirection) save the returnUrl to a Session Variable:
Session["MyReturnUrl"] = Request.QueryString["ReturnURL"];
You would have set up your Live Authentication Settings to always redirect to a certain page on your site if authentication is successfull, on that page you will simply do the following:
//Set Authentication cookie here then redirect to previously requested url
Response.Redirect(Session["MyReturnUrl"]);
I fixed this by saving the return url in cookie and then checking if the cookie is present to do the redirection.
Related
I am trying to download content of a page and convert it to a PDF using HiQPdf, however the page I am trying to access requires login permissions. When I run the code to try and download the content it displays the login page saying you do not have authentication to access this page.
Is it possible to send authentication with HiQPfd?
I was thinking of sending a parameter which lets you view the data temporally but any user could abuse this to view other users data
htmlToPdfConverter.Authentication.Username = "username";
htmlToPdfConverter.Authentication.Password = "password";
I was thinking that I could have the page accept two parameters, username and password and if they are authenticated, give access to the page.
Check out the FAQ: http://www.hiqpdf.com/FAQs.aspx
Once a user is authenticated, Forms Authentication maintains an authentication ticket in a cookie or in the URL so that an authenticated user does not need to supply credentials with each request. When you are already authenticated and you want to convert a page of the same application you can simply set the authentication cookie before converting the web page. The converter can be set to send the authentication cookie to the web server. A simple code to create a HTML to PDF converter object, set the forms authentication cookie and convert an URL to a memory buffer is given below:
HtmlToPdf htmlToPdfConverter = new HtmlToPdf();
htmlToPdfConverter.HttpCookies.AddCookie(
FormsAuthentication.FormsCookieName,
Request.Cookies[FormsAuthentication.FormsCookieName].Value
);
By Default Person is Redirected to home page after logging in and if person request for any page without login, it will be automatically redirected to login page.
Now my question is that how to store the page url that the person requested without login so that it can be redirected to that page after it the proof of its authentication.
If you are using ASP.NET Forms Authentication, the module will pass teh initially requested page as query string parameter called ReturnUrl. This way when the user enters his credentials and if they are valid you could use this parameter to redirect him.
I am creating a web application that is hosted under a web site with forms authentication enabled. I have a role in my authentication database "Admins". Here is my controller code:
[RequireHttps]
[Authorize(Roles = "Admins")]
public ActionResult Index()
{
return this.View();
}
When I go to the Index page, if I'm not authenticated, it redirects me to the login page where I enter my credentials. The login page then redirects back to Index page of the new app, but the controller doesn't recognize that the user is authenticated.
I have taken the Authorize attribute off and looked at the request as it went out in the Chrome developer console and confirmed that the cookie is indeed being sent. But if I leave the Authorize attribute as is, and go to the Index page, the cookie collection on the request in my controller is empty. The headers collection contains a header entitled "Cookie", and the value of the header contains the .ASPXAUTH cookie.
The login page calls logs in with this code:
FormsAuthentication.SetAuthCookie(userName, remember, "/");
This behavior is reproducible in all major browsers.
What can I do to cause the Cookies collection of the request to be populated?
What do I need to do to make the application realize that the user really is authenticated?
Edit:
I still don't have it working, but I'm pretty sure it's something to do with the ASPXAUTH cookie being filtered.
I'm sure there are multiple causes of this problem. In my case, the problem was that the version of MVC I was using to write the cookie was different from the version that was decrypting it. I changed my sites to all be running MVC 4, and the cookie that was created by one site was consumable by the other site.
Is the .ASPXAUTH cookie generated a secure cookie, i.e. SSL? If so and your Index.aspx is only over HTTP not HTTPS, you will not see the cookie in the collection.
My iis folder structure is like
Default Web Site---->online and Accessing with www.sitename.com/online
Default Web Site---->trade and Accessing with www.sitename.com/trade
Default Web Site---->private and Accessing with www.sitename.com/private
Here the login page is residing inside "Default Web Site---->trade/Login.aspx".When user enter
www.sitename.com/online or www.sitename.com/private or www.sitename.com/trade he/she will be redirecting to the url www.sitename.com/trade/Login.aspx.
So my need is when user enter "www.sitename.com/online" he/she should remain in the same URL as www.sitename.com/online and not "www.sitename.com/trade/Login.aspx".So how can i maintain the URL that user entered.
Thanks,
Joby
Best way to do this is pass a parameter w/ original url in your redirect to login page, and then have login redirect you back to that original url
Location: http://example.com/login?ref=http%3A%2F%2Fexample.com%2Ffoo
Then after login, you read "ref" parameter and do a location redirect back.
If you are using built-in membership provider, then you may use [Authorize] attribute, that has an functionality to redirect the user to original page, after user gets authenticated system will automatically redirect the user to requested page.
Or you may try following solution:
Something like this:
www.sitename.com/trade/Login.aspx?ReturnUrl=http%3A%2F%2Fsitemap.com%2Fonline
After user gets authenticated, you may redirect the user to requested page.
Response.Redirect(Request.QueryString["ReturnUrl"]);
Consider using MVC or at least routing portion of it with ASPX pages to render views. This way you can have any Urls you want unrelated to physical file names.
Users rarely enter any urls... and I'm not really sure anyone cares as long as Url makes some sence (or complete noncense). So I think it is perfectly ok to render login page at something like /login and than redirect back to originating page. You can save original url in query string (as #chovy suggests) or hidden element on the page if login never leaves your site. If login leaves your site (i.e. for OAuth authentication) thatn session state or cookies may be place to store return Url.
I created a company page.
After creating a company page I created an administrator user for it.
I have a FB application that posts on another users wall using their user id (stream.publish).
I want to post on the company wall too, but how can I post on the company wall if I don't have its userID, or appID.
When I use the company page, I don't see details about it in the settings or any other configuration page.
How can I get the company page userID/companyID/accesstokenID, so I can post on its wall?
You need to request the manage_pages permission, for the admin user you assigned to the pages. When you return from the authorize URL, where you get the user's access token, you need to call the https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE URL, which will give you a collection of pages, each with its own access token.
When you use that access token for publishing, it should publish as the Page.
http://developers.facebook.com/docs/authentication/ - Check the Page Login section.
UPDATE
This is the URL, you redirect the browser to:
https://graph.facebook.com/oauth/authorize?client_id=APP_ID&scope=manage_pages,offline_access&display=Popup&redirect_uri=REDIRECT_URL
When the user returns to the specified Redirect URL, you grab the value in the code URL parameter and call the Facebook API to exchange it for an access token. All this, you've probably already done, since you have an application that posts on a user's wall.
What you'll do now, using the access token, is call https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE which will give you the collection of pages the authenticated user manages, and each one have its own access token.
Grab the desired access token, and use that to post on the pages wall.