 |  |  |  |  |  |  |  |
help with asp.net/JS and cookies
Please support our ASP.NET advertiser: $4.95 a Month - ASP.NET Web Hosting – Click Here!
 |
•
•
Join Date: Jun 2005
Posts: 77
Reputation: 
Solved Threads: 0
Junior Poster in Training
hi,
i'm kind of new to asp
i used a few tutorials to put together a basic login page and to dump the information to a cookie.
overview:
i guess what i'm trying to accomplish is to have an ASP.net login page
and JavaScript validation though out the pages
it would be nice to check for some validation of the cookie to ensure its not just fabricated by user. but its not necessary at all
unfortunately time is an important factor so i try and skim corners where i can :evil:
Problem:
The cookie is created and the JS validation works
The problem is the cookie doesn’t terminate after x time I think it happens after reboot or a day
I’m not exactly how to approach this
And any help you can provide would be greatly appreciated.
:cheesy:
Thanks
MagusDF
i'm kind of new to asp
i used a few tutorials to put together a basic login page and to dump the information to a cookie.
overview:
i guess what i'm trying to accomplish is to have an ASP.net login page
and JavaScript validation though out the pages
it would be nice to check for some validation of the cookie to ensure its not just fabricated by user. but its not necessary at all
unfortunately time is an important factor so i try and skim corners where i can :evil:
Problem:
The cookie is created and the JS validation works
The problem is the cookie doesn’t terminate after x time I think it happens after reboot or a day
I’m not exactly how to approach this
And any help you can provide would be greatly appreciated.
:cheesy:
Thanks
MagusDF
Magus,
Can you provide these..
1.Your Authentication codes..Are you redirecting after the users have logged in.
2.I'm sure ,You must have made some changes in your webconfig file.Can you show us your authentication in your Webconfig file..
Can you provide these..
1.Your Authentication codes..Are you redirecting after the users have logged in.
2.I'm sure ,You must have made some changes in your webconfig file.Can you show us your authentication in your Webconfig file..
•
•
•
•
Originally Posted by magusdf
hi,
i'm kind of new to asp
i used a few tutorials to put together a basic login page and to dump the information to a cookie.
overview:
i guess what i'm trying to accomplish is to have an ASP.net login page
and JavaScript validation though out the pages
it would be nice to check for some validation of the cookie to ensure its not just fabricated by user. but its not necessary at all
unfortunately time is an important factor so i try and skim corners where i can :evil:
Problem:
The cookie is created and the JS validation works
The problem is the cookie doesn’t terminate after x time I think it happens after reboot or a day
I’m not exactly how to approach this
And any help you can provide would be greatly appreciated.
:cheesy:
Thanks
MagusDF
Save White Tiger
•
•
Join Date: Jun 2005
Posts: 77
Reputation:
Solved Threads: 0
Junior Poster in Training
yep
its actually a temporary solution until some one signs papers and i get acces to the lotus database
web config
asp/vb.net
javascript
i know this is probably atrocious. But my total exposure to asp is about 3 hours now.
its actually a temporary solution until some one signs papers and i get acces to the lotus database
web config
ASP.NET Syntax (Toggle Plain Text)
ASP.NET Syntax (Toggle Plain Text)
ASP.NET Syntax (Toggle Plain Text)
i know this is probably atrocious. But my total exposure to asp is about 3 hours now.
I don't understand the need for JavaScript here. ASP.NET Forms authentication handles it all for you, including managing the cookies.
•
•
Join Date: Jun 2005
Posts: 77
Reputation:
Solved Threads: 0
Junior Poster in Training
well there is about 500 pages
i will be inserting java script tags to stop someone form skipping into a page unless they logged in
using just asp the way I have now
some one can just jump right in to a page by typing in the address
the java script redirects them back to the login page if the cookie doesn’t exist
It seems a lot easier for me to insert a java script for the validation rather than converting each of the pages to an asp page and redoing all the links.
My problem is that the cookie doesn’t disappear within the 10 minutes
I can take the java script element if I can insert a small asp script to do the validation but I really don’t know asp.net
i will be inserting java script tags to stop someone form skipping into a page unless they logged in
using just asp the way I have now
some one can just jump right in to a page by typing in the address
the java script redirects them back to the login page if the cookie doesn’t exist
It seems a lot easier for me to insert a java script for the validation rather than converting each of the pages to an asp page and redoing all the links.
My problem is that the cookie doesn’t disappear within the 10 minutes
I can take the java script element if I can insert a small asp script to do the validation but I really don’t know asp.net
You misunderstand ASP.NET Forms Authentication. It will handle all of this for you, automatically. You set it so that it authenticates the entire site, or particular directories. You don't have to write any JavaScript at all. If someone navigates to a page, ASP.NET will check to see if they are authenticated or not. If not, they are directed to your login page. Do a Google search of "ASP.NET Forms Authentication", and research it thoroughly.
•
•
Join Date: Jun 2005
Posts: 77
Reputation:
Solved Threads: 0
Junior Poster in Training
thanks for the tip
i've read several pages on this
including
http://www.ondotnet.com/pub/a/dotnet...rmsauthp1.html
part 1 and 2
but i still seem to be missing somehting
if you can help point me towards the right direction
currently the pages themselves don't invoke the login
i haven't come across a overview or example that really goes in to it much
if you can point me in the right direction it would be greatly appreciated,
Thanks,
Magus
i've read several pages on this
including
http://www.ondotnet.com/pub/a/dotnet...rmsauthp1.html
part 1 and 2
but i still seem to be missing somehting
if you can help point me towards the right direction
currently the pages themselves don't invoke the login
i haven't come across a overview or example that really goes in to it much
if you can point me in the right direction it would be greatly appreciated,
Thanks,
Magus
Please look at the following web.config file:
The properties/attributes of the "forms" element control your authentication cookie. The "name" specifies the name of the cookie. "protection" is how your cookie will be protected. "All" means it will be validated and encrypted. "Timeout" controls when your cookie will expire, in minutes.
Notice also the "loginurl" property. It points to "login.aspx" in this sample. This is the page YOU MUST WRITE.
In the "authorization" section, you can see we're denying access to all anonymous users. This means no matter which page they link to, if they're not authenticated, they'll be redirected to the login.aspx.
What should your login.aspx page do? Prompt for username and password, obviously. You can compare the values the user enters to something you've hardcoded, or you can look the values up in the database, whatever you like!
Once you've determined, through whatever mechanism you care to code, that the username and password are valid, you have to let the authentication mechanism know they are a valid, authenticated user.
You do this by using the FormsAuthentication class in the code-behind of your login.aspx page.
There are a number of methods & properties, including .Authenticate, and .RedirectFromLogin.
You can also store your usernames and passwords within the web.config file itself, by adding a "credentials" node:
This is perhaps the easiest way. Then in your login.aspx page, you can use the Authenticate method. Say you have a field named "username" and one named "password", and a button named "login":
ASP.NET Syntax (Toggle Plain Text)
The properties/attributes of the "forms" element control your authentication cookie. The "name" specifies the name of the cookie. "protection" is how your cookie will be protected. "All" means it will be validated and encrypted. "Timeout" controls when your cookie will expire, in minutes.
Notice also the "loginurl" property. It points to "login.aspx" in this sample. This is the page YOU MUST WRITE.
In the "authorization" section, you can see we're denying access to all anonymous users. This means no matter which page they link to, if they're not authenticated, they'll be redirected to the login.aspx.
What should your login.aspx page do? Prompt for username and password, obviously. You can compare the values the user enters to something you've hardcoded, or you can look the values up in the database, whatever you like!
Once you've determined, through whatever mechanism you care to code, that the username and password are valid, you have to let the authentication mechanism know they are a valid, authenticated user.
You do this by using the FormsAuthentication class in the code-behind of your login.aspx page.
There are a number of methods & properties, including .Authenticate, and .RedirectFromLogin.
You can also store your usernames and passwords within the web.config file itself, by adding a "credentials" node:
ASP.NET Syntax (Toggle Plain Text)
This is perhaps the easiest way. Then in your login.aspx page, you can use the Authenticate method. Say you have a field named "username" and one named "password", and a button named "login":
ASP.NET Syntax (Toggle Plain Text)
•
•
Join Date: Jun 2005
Posts: 77
Reputation:
Solved Threads: 0
Junior Poster in Training
apologies for being so persistent
but i already have both of those set up and login.aspx works
i guess the part that i'm confused about is the individual pages?
should there be some script or something that checks the verification
or is it skipping because its a configuration on the server end
unfortunately i don't have access to the server and there is about 5 pages of paper that need to be pushed each time i want to change a setting
but if some one types in
EX:
url/pagename.htm
www.somedomain/sales.htm
it will skip the validation presses
that is the part i'm lost at
but i already have both of those set up and login.aspx works
i guess the part that i'm confused about is the individual pages?
should there be some script or something that checks the verification
or is it skipping because its a configuration on the server end
unfortunately i don't have access to the server and there is about 5 pages of paper that need to be pushed each time i want to change a setting
but if some one types in
EX:
url/pagename.htm
www.somedomain/sales.htm
it will skip the validation presses
that is the part i'm lost at
If "sales.htm" is in the same folder as the web.config file, authentication will be automatic. If a user tries to browse that specific page, ASP.NET first checks the web.config file to see if anonymous browsing is allowed. If it isn't, it looks for instructions on how to authenticate. It finds them in the <forms> node, and redirects the user to login.aspx. The login.aspx page authenticates the user, and then redirects them to their original page, in this case, sales.htm.
Nothing special needs to go on the sales.htm page.
If you've set all this up and it isn't working, then you haven't set it all up correctly!
Nothing special needs to go on the sales.htm page.
If you've set all this up and it isn't working, then you haven't set it all up correctly!
|
Similar Threads
- Forms Authorization/ Authentication using asp .net and vb .net (ASP.NET)
- ASP.net Cookies (Community Introductions)
Other Threads in the ASP.NET Forum
- Previous Thread: textarea Control in ASP.NET
- Next Thread: Page_Load never called when I browse to my aspx page
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest ASP.NET Posts
- Today's Posts
- Unanswered Threads
.net 2.0 3.5 ajax alltypeofvideos appliances asp asp.net bc30451 beginner browser businesslogiclayer c# c#gridviewcolumn cac checkbox class commonfunctions compatible confirmationcodegeneration content contenttype countryselector courier dataaccesslayer database datagrid datagridview datalist deployment development dgv dropdownlist dropdownmenu dynamic dynamically edit embeddingactivexcontrol fileuploader fill findcontrol flash flv formatdecimal forms formview gridview gudi homeedition iis javascript jquery listbox menu microsoft mouse mssql nameisnotdeclared news novell opera panelmasterpagebuttoncontrols problem redirect registration relationaldatabases reportemail schoolproject security serializesmo.table sessionvariables silverlight smoobjects software sql sql-server sqlserver2005 ssl suse textbox tracking treeview unauthorized validatedate validation vb.net video videos vista visual-studio visualstudio vs2008 web webapplications webarchitecture webdevelopemnt webdevelopment webprogramming webservice youareanotmemberofthedebuggerusers