1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / ASP.NET authentication

ASP.NET authentication

15 posts, 0 answered
  1. Max
    Max avatar
    9 posts
    Registered:
    29 Sep 2010
    07 Oct 2010
    Link to this post
    Someone posted here that we can use ASP.NET login control to authenticate users. So I created one with custom membership provider. Login process work fine: control sends username and password, they are passed to ValidateUser of my custom membership class, that method returns "true", and "loggedin" event is fired (Login successed). BUT SiteFinity still says I am logged in as Anonymous and is not authenticated.

    I tried using this suggestion:
    SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext, user.ProviderName, user, true)
    but it gives me exception:
    The parameter providerName could not be resolved when attempting to call constructor Telerik.Sitefinity.Security.UserManager(System.String providerName, System.String transactionName)

    If I just try to instaniate UserManager like this:
    UserManager man = new UserManager("Documents");
    I also receive an exception:
    Invalid type specified Telerik.Sitefinity.Security.Data.MembershipDataProvider

    So it looks like UserManager can't work with ASP.NET compatible membership providers.
  2. Max
    Max avatar
    9 posts
    Registered:
    29 Sep 2010
    08 Oct 2010
    Link to this post
    I fixed the issue by moving away from ASP.NET compatible to Sitefinity membership provider.
  3. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    11 Oct 2010
    Link to this post
    Hi Max,

    Yes, you need a Sitefinity provider to get this working. Currently we have not added pubic controls that you can use to authenticate your users directly, because of some missing implementation. You could use LoginForm control.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  4. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    03 Nov 2010
    Link to this post
    Max,

    How exactly did you do that, if I may ask. I am having the same problem.

    Many thanks,
    Andrei
  5. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    03 Nov 2010
    Link to this post
    Ivan,

    I am trying the LoginForm control. It works, authenticates the user, redirects me to the page I requested, but when getting to the page I asked, all I can see is the Login Form and nothing else. Not sure why.

    Can you help,
    Andrei
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Nov 2010
    Link to this post
    Hello Andrei,

    Most probably the authenticated user does not have permissions for the controls on your destination page. Check the permissions over the widgets and content data that should be displayed.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    04 Nov 2010
    Link to this post
    Ivan,

    I have created a new page and left it blank with no controls on it at all. The permissions on the page are left unchanged. And it still does it.

    I set the DestinationPageUrl property to ~/Briefing/test.aspx (test.aspx being the blank page) and it still does it. I go to the ~/Briefing page where the Login control is. The address bar shows: http://localhost:26339/IAA/briefing I enter thecredentials, click the Login button and a postback happens. Then the address bar shows:http://localhost:26339/IAA/Briefing/test.aspx but all I can see is the Login form, just as if I did not move from the Briefing page. Below is my code.

    Also, a quick question about one of our already live systems. It used to work but not sure why it does not now. When I access the Sitefinity Admin side through the Network Load Balancing address. I get the Login page. I enter the correct Login details and then it refreshes the page and I see the Login page again (with no errors or anything). When I go directly to the Web Server hosting Sitefinity and try to login then it works. Would you know why it is not letting me through via the NLB when it used to do before? Thank you.

    <%@ Control Language="VB" AutoEventWireup="false" CodeFile="LogIn.ascx.vb" Inherits="LogIn" %>
    <asp:Login ID="LoginControl" runat="server" BackColor="#F7F6F3"
        BorderColor="#E6E2D8" BorderPadding="4" BorderStyle="Solid" BorderWidth="1px"
        Font-Names="Verdana" Font-Size="0.8em" ForeColor="#333333" Height="16px"
        Width="331px" >
        <InstructionTextStyle Font-Italic="True" ForeColor="Black" />
        <LayoutTemplate>
            <table cellpadding="4" cellspacing="0" style="border-collapse:collapse;">
                <tr>
                    <td>
                        <table cellpadding="0" style="height:168px;width:383px;">
                            <tr>
                                <td align="center" colspan="2"
                                    style="color:White;background-color:#5D7B9D;font-size:medium;font-weight:bold;">
                                    Log In</td>
                            </tr>
                            <tr>
                                <td align="right">
                                    <asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName" Font-Bold="true" Font-Size="Medium">User Name: </asp:Label>
                                </td>
                                <td>
                                    <asp:TextBox ID="UserName" runat="server" Font-Size="Medium" Width="180px"></asp:TextBox>
                                    <asp:RequiredFieldValidator ID="UserNameRequired" runat="server"
                                        ControlToValidate="UserName" ErrorMessage="User Name is required."
                                        ToolTip="User Name is required." ValidationGroup="ctl00$LoginControl">*</asp:RequiredFieldValidator>
                                </td>
                            </tr>
                            <tr>
                                <td align="right">
                                    <asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password" Font-Bold="true" Font-Size="Medium">Password: </asp:Label>
                                </td>
                                <td>
                                    <asp:TextBox ID="Password" runat="server" Font-Size="Medium" TextMode="Password"
                                        Width="180px"></asp:TextBox>
                                    <asp:RequiredFieldValidator ID="PasswordRequired" runat="server"
                                        ControlToValidate="Password" ErrorMessage="Password is required."
                                        ToolTip="Password is required." ValidationGroup="ctl00$LoginControl">*</asp:RequiredFieldValidator>
                                </td>
                            </tr>
                            <tr>
                                <td align="center" colspan="2" style="color:Red;">
                                    <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
                                </td>
                            </tr>
                            <tr>
                                <td align="right" colspan="2">
                                    <asp:Button ID="LoginButton" runat="server" BackColor="#FFFBFF"
                                        BorderColor="#CCCCCC" BorderStyle="Solid" BorderWidth="2px" CommandName="Login"
                                        Font-Names="Verdana" Font-Size="Medium" ForeColor="#284775" Text="Log In"
                                        ValidationGroup="ctl00$LoginControl" Width="68px" />
                                </td>
                            </tr>
                        </table>
                    </td>
                </tr>
            </table>
        </LayoutTemplate>
        <LoginButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid"
            BorderWidth="1px" Font-Names="Verdana" Font-Size="Medium" ForeColor="#284775" />
        <TextBoxStyle Font-Size="Medium" />
        <TitleTextStyle BackColor="#5D7B9D" Font-Bold="True" Font-Size="Medium" ForeColor="White" />
    </asp:Login>
     
     
     
     
    Imports Telerik.Sitefinity.Web.UI
    Imports Telerik.Sitefinity.Security
    Imports Telerik.Sitefinity.Services
     
    Partial Class LogIn
        Inherits System.Web.UI.UserControl
        Private _destinationPageUrl As String = "~/Default.aspx"
     
        Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
            Dim username As String = HttpContext.Current.User.Identity.Name
            SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, Membership.GetUser(username).ProviderName, username, False)
            LoginControl.DestinationPageUrl = _destinationPageUrl
        End Sub
     
        Public Property DestinationPageURL() As String
            Get
                Return _destinationPageUrl
            End Get
            Set(ByVal value As String)
                _destinationPageUrl = value
            End Set
        End Property
     
    End Class
  8. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Nov 2010
    Link to this post
    Hello Andrei,

    1. Remove the .aspx from the destination page. The url should be ~/Briefing/test

    2. The second issue, it generally occurs if you use IIS7 and the managed modules are not enabled.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  9. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    04 Nov 2010
    Link to this post
    Ivan,

    I took .aspx off and checked the IIS version which is 5.1 (Windows XP SP3).

    Still the same thing only now the address bar shows: http://localhost:26339/IAA/Briefing/test

    Many thanks,
    Andrei
  10. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Nov 2010
    Link to this post
    Hi Andrei,

    I prepared a short video for you.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  11. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    04 Nov 2010
    Link to this post
    Ivan,

    That's exactly what I am doing and still does not work. 
    However, I have created another Project quickly and tested it and it worked. So why it would not work with one but the other I do not know. I know I changed the permissions at one point but then I changed them back. Could it be that they did not change back properly?

    Anyway, thank you very much for the video, it proves that there is nothing wrong with the code.

    One thing though. It works when I am logged in the Admin Side. If I log off from the Admin Side and navigate to the Login screen page and try to log in, I get an error (below). It seems to work only when I am logged in the Admin Side.

    Server Error in '/quicktest' Application.

    Object reference not set to an instance of an object.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

    Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

    Source Error: 

    Line 10:     Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    Line 11:         Dim username As String = HttpContext.Current.User.Identity.Name
    Line 12:         SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, Membership.GetUser(username).ProviderName, username, False)
    Line 13:         LoginControl.DestinationPageUrl = _destinationPageUrl
    Line 14:     End Sub

    Source File: C:\Program Files\Copperchase\quicktest\Controls\LogIn.ascx.vb    Line: 12 

    Stack Trace: 

    [NullReferenceException: Object reference not set to an instance of an object.]
       LogIn.Page_Load(Object sender, EventArgs e) in C:\Program Files\Copperchase\quicktest\Controls\LogIn.ascx.vb:12
       System.Web.UI.Control.OnLoad(EventArgs e) +65
       System.Web.UI.Control.LoadRecursive() +98
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Control.LoadRecursive() +168
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3493
    


    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

  12. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Nov 2010
    Link to this post
    Hello Andrei,

    You have added you code inside Page_Load and you are calling Membership.GetUser(username). When you are not authenticated there is no user in the context. This code should go inside  LoggedIn and Authenticate events

    this.Login1.LoggedIn += new EventHandler(Login1_LoggedIn);
    this.Login1.Authenticate += new AuthenticateEventHandler(Login1_Authenticate);

    Also, you are not making any check for null exceptions.

    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  13. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    05 Nov 2010
    Link to this post
    Ivan,

    Sorry, that was a bit silly of me. Having all in the Load event. Have not had loads of dealings with Login Controls before and hence unsure how much stuff is done for me. Ok its working now. Its taking me through, but as an Anonymous user. I have an asp:LoginName control on the DestinationPageUrl which shows Anonymous. My code is below. Many thanks,
    Andrei
    Imports Telerik.Sitefinity.Web.UI
    Imports Telerik.Sitefinity.Security
    Imports Telerik.Sitefinity.Services
     
    Partial Class LogIn
        Inherits System.Web.UI.UserControl
        Private _destinationPageUrl As String = "~/Default.aspx"
     
        Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
            LoginControl.DestinationPageUrl = _destinationPageUrl
        End Sub
     
        Public Property DestinationPageURL() As String
            Get
                Return _destinationPageUrl
            End Get
            Set(ByVal value As String)
                _destinationPageUrl = value
            End Set
        End Property
     
        Protected Sub LoginControl_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginControl.Authenticate
            If Membership.ValidateUser(LoginControl.UserName, LoginControl.Password) Then
                e.Authenticated = True
            Else
                e.Authenticated = False
                LoginControl.FailureText = "Authentication failed. Please try again."
            End If
        End Sub
     
        Protected Sub LoginControl_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles LoginControl.LoggedIn
            Try
                Dim username As String = HttpContext.Current.User.Identity.Name
                SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, Membership.GetUser(username).ProviderName, username, False)
            Catch ex As Exception
                'TODO:Raise apropriate exception.
            End Try
        End Sub
     
    End Class

  14. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    09 Nov 2010
    Link to this post
    Ivan,

    Any more thoughts? I have tried everything and getting 'Anonymous' still. My latest 'LoggedIn' code is:
    Protected Sub LoginControl_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles LoginControl.LoggedIn
        Try
            Dim userName As String = LoginControl.UserName
            If CountUsers Then
                If Not Me.IsBackend OrElse Not Me.IsDesignMode Then
                    CountUserIn(userName)
                End If
            End If
     
            'set the authentication cookie.
            Dim user As Model.User = CType(Membership.GetUser(userName), Model.User)
            SecurityManager.SetAuthenticationCookie(SystemManager.CurrentHttpContext.Response, user.ProviderName, user, False)
     
            'just for test to see if cookie being set.
            Dim curruser As String = SecurityManager.GetCurrentUserName
        Catch ex As Exception
            'TODO:Raise apropriate exception.
        End Try
    End Sub

    For test purposes I am getting the current user 'curruser' in the code above straight after setting the cookie and it returns 'Anonymous'. I am running the website in design mode and there are no errors. Returns the correct user when I check the 'user' variable.

    I would appreciate your input if possible.

    Many thanks,
    Andrei




  15. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    11 Nov 2010
    Link to this post
    Hello Andrei,

    Please take a look at this post. where I sent a reply.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
15 posts, 0 answered