Avoid The Windows Authentication
how can I avoid the windows authentication screen for viewing a report in Reporting Service.
View Complete Forum Thread with Replies
See Related Forum Messages: Follow the Links Below to View Complete Thread
Windows NT Authentication And Asp???
Can someone tell me how I create a login page which authenticates users against the servers user manager. I want the login to be a form in my website not a pop up window! I would be grateful for any advice relating to this subject. I have a script for windows 2000 active directory but was wondering if you could achive the same with windows NT 4 and IIS 4 Code:
Windows Authentication
In my CMS application (authentication = windows), I've tried to force a reauthentication after a button click by returning: Response.StatusCode = 401; However instead of reauthenticating once, I'm asked for 3 times despite the correct userid and password. Is this due to certain configurations? Or is there any other alternative available to achieve the same effect?
Windows Authentication
If I have a website running ASP 3.0 on IIS 6 (server 2003), and am using Integrated Windows Authentication, is there a way I can place in a session variable something to identify the person who authenticated to the web site so I can say right on the ASP page "Welcome UsernameHere" ??
Windows Authentication
I want the ASP user login authenticated by the windows user, and to catch the user information as a session contained on the page. Then the login user can be redirected to its own folder (recognized by userid). How can I do that?
Use Windows NT Authentication - ASP
I have this free calendar I downloaded off the net, that I am trying to tweak to meet company standards. A username/password is required, however I wanted to use Windows authentication... is there a way I can retrieve the username/password used to sign on the computer, for form validation??? If this is possible, could someone please advise me on how i would need to go about doing this??
Windows Authentication
I wasn't sure which group to use but I'm developing a web application that connects to a sql server. This application is for External Clients but the information is sensitive. I thougth that if I do Windows Authentication, would be the most secure one. I'm not sure if this is true. In any event, I want to avoid the browser asking for username and password and allowing the user to type on a username password textboxes on the web form. Is this possible.
Windows Authentication
I am coding a web page to put information into a database. The main feature I am looking to do is authenticate the webpage using the windows user name and password, I then want the user name to be entered into the database. Can anyone help me with this? I have an access database linked into a webpage and it is able to enter data.
Windows Authentication
I wanted to secure my application and have decided to go with windows NT challenge reponse. I want to check against the Active directory for a valid user. Should i do both? which one comes first? I am not sure of the sequence.
Windows Authentication
I have an IIS 6 server on Windows 2003 running in an AD domain attempting to enumerate the files on another Windows 2003 server on the same domain. The code and UNC path are sound as it works if I set anonymous access and enter domain credentials in the page properties but if I check "Integrated Windows Authentication" it gives a "Path not found" 800a004c error in the browser. The IIS logs report a 500 0 0 status but it does show that it attempts to use the end user's credentials as you can see them in the logs. The IIS server is set for "Trust this computer (for Kerberos only)" but the the other server is not. The two significant lines in the classic ASP page (with the server, share & folder names replaced) are: spmsmmpath="serversharefolder" SET ofolder=ofs.GetFolder(spmsmmpath) What am I missing? Does the file server need to be trsuted too? Do I need to use a MapPath command or am I using the wrong slashes? Remmeber the code works as is if I pass literal credentials.
Windows Authentication
I have developed a website using ASP.Net and C#. The issue I am facing is that on some of the links I get the default Windows authentication dialog. It happens only on some of the links even though the link points to the same page. i am clueless as this happens even on the development machine ie on localhost. The web.config has the setting as Authentication=None. why this might be happening.
Windows Authentication
Can someone tell me a website/page that will show me how to use windows authentication in a vbscript page. I can't use .net, it has to be classic VB.
Windows Authentication
I want to know how can we use windows Authentication in asp projects ? & what is the object need?
Windows Authentication
I want to authenticate a user based on Windows Login. If a user is able to logon to the system, he/she should be able to logon to the page. I'm able to retrieve the system username using Request.ServerVariables("LOGON_USER") after disabling anonymous access in IIS Manager. But whenever i open my page, it prompts for the username and password. But i dont want to prompt for the username and password, but logon to the site based on windows login.
Using Windows Authentication In ASP
I am creating an application that I would like to have the user type in their User ID, password and domain, and it do Windows Authentication to verify they are a valid user. Can someone provide me with any assistance on this by sample code, or a pointer to a site that goes over this?
Windows Authentication
I have an application that is ISAPI and the only way to secure it is through NT permissions. I need to have a way to login to windows authentication so that when I get to the ISAPI application no boxes come up. I want an ASP page to sit between the user and the ISAPI application. The rest of my application is using authentication that is database driven and wouldn't want the users to know the userid and password. Is this possible? If so how would I accomplish it.
Authentication With ASP, But WITHOUT Windows.
I have a client who wants me to use his login screen to authenticate users, then send them to their correct folder's index page. There will only ever be 4 or so users logging into this, so it doesn't need to be huge. So, I can't just set the password on the folder using windows or else the windows box pops up, and he doesn't want to use a database, and he doesn't want the pages inside the folder to have to have a .asp extension.
AUTHORIZATION With WINDOWS AUTHENTICATION
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation. the basic windows authentication for this .NET application is already setup. my problem lies within my inability to manipulate the username captured in the authentication process and my knowledge of how IIS is involved. specifically, i have the following questions: 1) what object(s) can be used so that the user's username can be manipulated for the authorization process? 2) in order to apply roles, do the users need to be placed in groups in IIS? if so, how does this work? 3) is all the code that the application uses for roles in web.config? or does global.asax play a role in this matter? 4) does the web.config file know to communicate with IIS because the authorization type is set to windows? 5) once authorization is in place, can a section of an .aspx file be visible to a group or can only entire files be secured for a group?
Integrated Windows Authentication
I'm running IIS 6.0 on Windows SErver 2003 that is also a DC. I have an asp page (default.asp) I am trying to access as my hom page for my site. I am trying to use Windows authentication. When I select only "integrated Windows authentication" I get prompted for user information and then get an error: "The page cannot be displayed." However, if I change the authentication method to "Basic authentication" and enter the exact same logon information, it works without a problem. I do not want to send passwords in clear text. I need to use Windows authentication.
End Windows Authentication Session?
Does anyone know if there is a way to end a user's logged on Windows Authentication session? I have some .asp files that make calls to our SQL Server which can only be accessed through Windows Basic Aunthentication in using SSL to encrypt everything and was wondering if there was a way to end the user's windows authentication session and force them to relogon if a certain time expired or if they didn't close the browser? I'm familiar with ending asp session variables but in this case this wouldn't apply since the user is already in using windows basic authentication.
Windows Domain Authentication
i design form to take input from user(username,password). How do i autheticate if the user is Windows Domain user and once it has authenticated successfully, how do i forward to the success page.
SQL Server Windows Authentication
I have being told my our web developers team that it is not possible to use Windows Authentication on a SQL Server 2000 database and ASP application. That it can only be possible on a ASP.NET. On the other hand thur seraching the web I found out that this task can be accomplished by just turn on Windows Authentication and shut off Anonymous access in your website properties using IIS Manager on the Web server.
Windows Integrated Authentication
Can someone direct me to a good tutorial on Windows Integrated Authentication and Active Directory. I am creating an intranet site and i want anyone that can sign on to our domain able to go to the intranet and not have it prompt them for username/password. I can't seem to find much info on it.
Windows Authentication Pop-up In Intranet
We're trying to setup an Intranet site with one portion of the site restricted using Windows Integrated Authentication. The rest of the site is accessed using anonymous access. Here are the details of the site 1) The restricted portion of the site is protected using NTFS permissions for authorized users 2) ONLY Anonymous user has NTFS permissions to the rest of the Intranet (all files / folders EXCEPT the restricted portion) 3) The IIS setting throughout the site has both anonymous access and Windows Integrated Authentication enabled 4) The restricted portion of the site is also the application start-point (in IIS) for an ASP application 5) The restricted portion of the site launches in a new browser window (using target="_blank") Authorized users are able to access the restricted portion of the site. The problem is that when they try to get back to any of the anonymous access pages, they are prompted with the Windows Authentication dialog. Is there any solution to this? Are there any web server settings that I need to look for?
Authentication Against AD On Windows 2003
I used to have the following ASP code (below) that runs on windows 2000 and authenticates users against the Active Directory. The code is working fine. However, after upgrading from Win2000 to Win2003 (IIS 6), authentication is failing, although the code is still working if run on win2000. I tried to capture packets during the authentication phase from both win2000 and win2003 and I found out that there is a slight difference between the two although I believe that this is an OS bit not ASP thing. Code:
Integrated Windows Authentication
What I'm trying to do: I'm using LDAP to check and see if a user that is trying to view my page has network credentials and I am also trying to see what User Groups they are in. I have been told that the code that I'm using does indeed work. Problem: In IIS I have unchecked the Anonymous access option and have checked the Integrated Windows Authentication option. When I try and view the page, I keep receiving the Windows login box with my domain/username and password filled in. This puzzles me because the code that I'm using is supposed to strip the domain, yet that continues to show. It also looks like this code is supposed to redirect me to the requested page once my credentials are recognized, but I can't seem to get past this Windows login box that is similar to a login box for an FTP site. Any suggestions?
Connection To SQL Server In ASP, Windows Authentication
My ASP page needs to connect to the SQL using Windows Authentication. I have research this topic and I think the pieces of the puzzle are here, but they are not coming together correctly. Users are separated into groups with different levels of security, Group 1, Group 2, Group 3. Each group can only view, update or delete specific pages. Code:
IIS6 + Integrated Windows Authentication Issue
We've recently moved to new servers (Win2k3, IIS6) and when setting up the intranet I've run into some difficulties. The original intranet is split down into departments with security as below: Intranet Home - anonymous access allowed. IntranetFinance - anonymous allowed. IntranetIS - Integrated Windows Authentication* So the problem comes down to the IS folder. Integrated Authentication is set up so we can have an IS corporate directory where each user maintains their own details. On the new server however, I've set up the web root as Intranet (anonymous access allowed) and set the IS folder as a new application folder. I've removed anonymous access and added only Integrated Windows Authentication and Digest Windows Authentication. However when connecting to any page on the new server, no authentication kicks in at all. Connecting to a page IntranetISinfo.asp that returns only the "Logon_User" information, returns a blank field...
HTTP 401 If I Disable Integrated Windows Authentication
I'm trying to view a .aspx from a Win2003 server. When "Integrated Windows Authentication" is enabled, I can view the .aspx file. If I uncheck IWA, I get an HTTP 401. Does anyone know why "Integrated Windows Authentication" is being forced and how I can disable it? I just want anonymous access. Code:
ASP, Windows Authentication, Active Directory, STand Alone Client
I am running windows 2000 on a client PC, running IIS and a helpdesk application created in house. Whenever someone on the domain (domain.com we'll call it)...tries to access the helpdesk app, it prompts them for a u/n; password. SWEET! This is what I want. Here's where the problem lies in. WHen they type in their domain username/pwd combo...they get a "failed authentication" as it prompts them back with the fully qualified domain name of the pc the Helpdesk is on followed by their username. In short, they have to enter our domain (domain.com) followed by their username and password to work right. The PC which houses the Helpdesk app is on the domain and is set up to authenticate users based on the domain relation. As a matter of fact, I have say Jack set up with everything but FUll Control. He can get in as long as in the username box it looks something like: Code:
Avoid Symbol ' In The URL
how to elaborate this problem that i m facing. ok, let say ..i have a URL wit id number such as www.abc.com/memberpage.asp?memberid=12. when i add the symbol ' at the end of the url (like that:www.abc.com/memberpage.asp?memberid=12'), and enter, it will display error for my page. But when i try to put a ' at this web page here, it will not display any error, how can i do this with ASP languagE?how can i avoid it using ASP language ?
Avoid Explorer
I'm getting crazy with this. You know that when you install office in your computer it install a plugin for Internet Explorer so when you click in a link to any office document it opens the document inside the explorer instead of asking to save it as normal files. Do you know how to make internet explorer ask to save the document with HTML or ASP or Javascript?I know that i can disable this option in Internet Explorer options but i don't want to make people do this.I don't want to zip the file neither.
Avoid The IE Seurity
When I use funtion--CreateObject to create an instance of Msword in the client script, IE security will prevent my script to create. I would not like to alter the security option. how to resolve this problem?
To Avoid Many If Statement
I want to run a query from input. There are 4 input that are optional for user. So what is the simple and fastest way to do it instead of too many if statement and repeating query. What I've done now semilar like this id = Request.Form("id") tittle = Request.Form("tittle") case = Request.Form("case") desc = Request.Form("desc") If id <> "" then Run Query Else If tittle <> "" Then.......i have to insert more if statement..how can I make it more easier?
Avoid Send Twice Same Form
I have sometimes duplicate contents in a comments page because impatient people send the same form twice (they pressing in few seconds the Send button twice) . How can I avoid this?
Avoid Warning Message
I am writing a web app using asp.net 1.1 and C#. This web app is launched in another win32 application and this app needs to pass information to my web app. But this win32 application doesn't support long string(Maximum 255) I hv to use an intermedia plain file and in my web app,usingScripting.FileSystemObject to open the file and read the information in. Each time when I launch the web page, I got a warning message saying "AnActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" Users need to click Yes to proceed. All applications run in Intranet environment within a corporate network. My question are "Can I avoid this error message?" and "Can I give permission to my particular web app to run Scripting.FileSystemObject?"
Avoid Caching Of Page
I am running IIS5.1. I am invoking an ASP page in ther server continously from the HTML Page, to update some contents of the html page. The ASP page seem to run from the cache sometimes(Not Always). I tried to give the following header to my ASP file. Response.Expires = 0 Response.AddHeader "pragma","no-cache" Response.AddHeader "cache-control","private" Response.CacheControl = "no-cache" still the contents seem to get cached. how can i avoid this ?
Avoid On Error Resume Next?
Is there a way to avoid On Error Resume Next for: cnn.Open strCon SQL = "EXEC Customer @txtEmail='" & email_address & "'" set rs = cnn.execute(SQL) 'On error resume next rs("email_address") '// This record does not exist thus throwing up an error. I could use On Error to resume and then do this '// If rs.eof or rs.bof '// .....But I hate this convention as I find debugging a problem. Is there a better way?
Avoid Error Message
I have a table with "title" field set to unique In PHP I can do this following code to check whether the same input already exist or not: $query = "insert into table (title) values ('".$title."')"; if (mysql_query($query)) { echo "Title already exist!!" } else { echo "New Title saved!!" } My question, is there some similar method to do above operation in ASP? Code:
Avoid Action Page Being Refresh
Currently i did 2 pages form and action pages, where form will have 2 inputs, and action page will insert the data into database. but the i have tested once i keep refresh the action page, the data will be inserted again and again, anyone know how can i control this matter and avoid sql injection?
Validating User Input To Avoid Attacks
I am working on a web application that uses both asp classic and asp.net pages. We need to validate user input to avoid attacks like sql injection. Can a component be created that both page types can use? Is that the best approach? Would I simply use pattern matching to validate strings and/or remove any unwanted characters?
How To Avoid Downloading A File Directly From Webserver ?
I need to provide a way to download a software and its corresponding manual from a web page. So far I have done the sign in page where people give their data. I will then give access to a page with a link allowing to download the required file(s). My worry is how to avoid that somebody grabs the URL of the file and send it to another for downloading directly from the server. What can I do to avoid this ?
Avoid Form Resubmission When REFRESH Clicked
I am working with website in which a user can login and then submit some forms. I want the user to avoid re-submitting the same form twice when he uses the browser refresh or when he goes to another page and then comes back to that same page using the browser back button. I know of two solutions: 1. Redirect to a different page after form submission - The problem with this approach is that the website has many forms. So redirecting each form to a different one is not a very feasible solution. 2. A token can be stored in session (or somewhere) after each form submission. These tokens can be verified if the form is being resubmitted - The problem with this approach is that the user can submit one form only once. I want the user to be able to submit the same form multiple times, provided with differetn data. Is there a suitable solution where a form with same data is submitted only once, but there is no such restriction with different data? Can the ASP request object be cleared after form submission, so even when refresh button is pressed, Request.Form elements dont have any data? (Storing ALL the information filled in each form during that session and then comparing for resubmit is not a clean solution I think??).
SELECT Statement Pulls Field Names - How To Avoid?
I do a SELECT * from table command in an ASP page to build a text file out on our server, but the export is not to allow a field name rows of records. The first thing I get is a row with all the field names. Why do these come in if they are not part of the table records? How do I eliminate this from being produced? Code:
AVOID Multiple Form Submittals Via "back Button"
I know there really isn't a way to disable the "back button" on the browser BUT ... I'm trying to not allow multiple entries via a form submit when the back button is depressed on the browser. Basically is there a code snippet that somebody can provide so that when a form is submitted and somebody attempts to go back by hitting the "back" button, that form information just entered won't resubmit into the database?
SQL Authentication
i want users to login to my web application using SQL authentication i.e whenever the page opens, it should display the SQL server login window. i know Login feature is in dreamweaver MX that i use, but unathurized users can lookup the password in your database.
|
TRACKER
