I have an asp.net mvc application and I have set up impersonation as follows in the web.config.
<system.web>
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" />
<authentication mode="Windows">
</authentication>
<identity impersonate="true" userName="BvhHisPharmaUser" password="12345"/>
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" />
</httpModules>
</system.web>
As you can see I have enabled windows authentication mode.
Next you can see impersonate = true. And the userName(BvhHisPharmaUser) is a windows user that I created as follows using compmgmt.msc tool.
Now when I place a break point in Index Home
I dont see the imperonate user in the identity in the immediate window.
What am I missing?
Even after I login using the login screen, I do not see the impersonate user in the immediate window as follows.
I have removed the windows authentication mode in the web.config completely
and still observe exactly the same.
My objective is to run this iis web app under the above shown windows user(BvhHisPharmaUser) because this web app calls a wcf service which is configured to authorize this user.
So my questions are as follows.
Is impersonation is the way for this, so that the web application can run under this user? Is there any other way like app pool configuration?
Why is this impersonation not working? I have enabled it as showin in the web.config and still the identity of the thread principal does not change. What am I missing?
Kindly let me know if additional info is needed.
I have used mvc 5 captcha in my sitecore 8.1 based web application.But after hardening the captcha was not visible.Does any one face this kind of issues.Please help.
If the captcha Image is not displaying on the WFFM form. I imagine the configuration settings required for the Captcha are no longer present after your actions.
You need to ensure the following settings are present in are in the web.config under the node configuration/system.webServer/handers if you're using iis7 or above
<add name="CaptchaImage" verb="*" path="CaptchaImage.axd" type="Sitecore.Form.Core.Pipeline.RequestProcessor.CaptchaResolver, Sitecore.Forms.Core" />
<add name="CaptchaAudio" verb="*" path="CaptchaAudio.axd" type="Sitecore.Form.Core.Pipeline.RequestProcessor.CaptchaResolver, Sitecore.Forms.Core" />
See this link for more information or how to complete it in IIs 6
I created a fresh simple ASP.NET MVC 4 Internet Project, then I have created models with the ADO.NET Entity Data Model designer and then I have installed System.Web.Providers (Universal Providers) and configured Web.config in order to have two different data sources, both using SQL CE 4.0.
These are my connection strings:
<add name="DefaultConnection" connectionString="Data Source=C:\maindb.sdf" providerName="System.Data.SqlServerCe.4.0" />
<add name="MyEntitiesModelContainer" connectionString="metadata=res://*/MyEntitiesModel.csdl|res://*/MyEntitiesModel.ssdl|res://*/MyEntities.msl;provider=System.Data.SqlServerCe.4.0;provider connection string="Data Source=C:\myentities.sdf"" providerName="System.Data.EntityClient" />
The application works. But when I try to login, this is the exception I get:
To call this method, the "Membership.Provider" property must be an instance of "ExtendedMembershipProvider".
I have also added <add key="enableSimpleMembership" value="true" /> in Web.config because someone on different forums solved the problem doing this. It wasn't my case, the same error remains.
Could anyone help me please?
ASP.NET MVC4 ships with simple membership, and simple membership works with SQL CE out of the box, you don't need (and in fact can't use) the universal providers with Simple Membership.
From this ASP.NET forum post:
Thanks for the hint. Now that I was able to see that the provider was
being hijacked, I added
<appSettings>
<add key="enableSimpleMembership" value="true" />
</appSettings>
Everything Seems to be working fine now.
I have implemented my own custom Role manager object. When I run my web app using the visual studio version of IIS, it works fine. I can see the username and I can drill into my Role Manager class and see what it's doing. When I debug the app using IIS 7, HttpContext.Current.User.Identity.Name is blank and it does not use my Role Manager class when determining what roles my user has. I've checked that all my dlls are in the bin directory.
I'm guessing that the problem is on IIS 7. What do I need to configure on IIS 7 to make this work and to make it use my Role manager?
Here is a snippet of the web.config that sets the role manager.
<membership>
<providers>
<clear />
</providers>
</membership>
<roleManager defaultProvider="HyperionRoleProvider" enabled="true">
<providers>
<clear />
<add name="HyperionRoleProvider" type="Census.BUD.Common.HyperionRoleProvider" applicationName="/" />
</providers>
</roleManager>
From:
http://learn.iis.net/page.aspx/528/how-to-use-the-sample-read-only-xml-membership-and-role-providers-with-iis-70/
"These samples are excellent for use with IIS 7.0 for demonstration or test Web sites, but they don't work as-written with IIS 7.0 because of the way that IIS 7.0's security is designed. The original instructions allowed you to deploy the sample membership/role providers into the App_Code folder of your Web site, but IIS 7.0 requires that providers are registered in the Global Assembly Cache (GAC) before they can be deployed. With that in mind, the following steps will walk you through compiling and deploying the read-only XML providers on a development system."
Make sure your assembly is in the GAC
I'm running MVC3 and a windows auth web application. When I deploy to IIS6 it runs great until I hit a page that requires authentication. It then is auto-redirecting to /Account/Login when I have no trace of that in my application and my web.config is configured to windows auth.
Any ideas?
Here is my entire web.config file: http://pastie.org/1568510
Check whether you have WebMatrix.Data.dll and/or WebMatrix.WebData.dll deployed in the bin directory of your application. If they are there (and you know you don't use them) then try removing them and accessing a page that requires authentication.
In RTM try to add to <appSettings> in Web.config:
<add key="enableSimpleMembership" value="false" />
(Thx to Problem exclusively using Windows Authentication in ASP.NET MVC 3 Beta.)
Not sure if you still have the issue or not, but try adding
<add key="autoFormsAuthentication" value="false" />
to your web.config under appSettings. According to here and here, that should solve your problem.
Try override WebMatrix.dll default for login url by adding this to your appSettings (web.config) :
<add key="loginUrl" value="~/Account/LogOn"/>
WebMatrix.dll set the login Url to /Account/Login, if this key isn't set in the config file...
It works for me.
In RTM try to add to in Web.config:
<add key="enableSimpleMembership" value="false" />
The above post works. +1 Add this key before adding deployable dependencies.
I had the same issue in my MVC4 project, only my project has Anonymous Authentication disabled outright, so Windows Authentication is always required.
I have no WebMatrix.* in my bin folder, and adding the autoFormsAuthentication and enableSimpleMembership keys to appSettings didn't do it for me.
Instead, I had to comment out the following:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
And replace it with this:
<authentication mode="Windows" />
That did the trick.
I was using nopCommerce 2.65 and had this issue.
I did not have any of WebMatrix.Data.dll nor WebMatrix.WebData.dll deployed in the bin folder, but adding
<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false" />
in the web.config solved it.
Another way to override "login.aspx url redirection problem with MVC + IIS 7"... by adding this to your appSettings (web.config) :
<authentication mode="Forms">
<!--<forms loginUrl="~/Account/Login" timeout="2880" />-->
<forms loginUrl="~/Home" timeout="2880" />
</authentication>
...This resolved the problem for me
I fixed it this way
1) Go ot IIS 2) Select your Project 3) Click on "Authentication" 4) Click on "Anonymous Authentication" > Edit > select "Application pool identity" instead of "Specific User". 5) Done.
Make sure that all the authentication settings in IIS are correct.
For me the application that redirected to /Account/Login was running within a site that Anonymous authentication enabled. After disabling this in the site and enabling it for the application (together with Windows authentication) it was ok.
You can also go to the IIS on the server and go into Authentication modes and disable forms authentications.
This has me scratching my head in a demo. Embarassing.
I know this is a super old post. But I just ran across this after going through a tutorial on upgrading from MVC 4 to MVC 5. So I'm throwing it on just in case anyone else makes the mistake I did.
My issue ended up being that I accidently added 'Microsoft.AspNet.WebPages.WebData' to my project while upgrading my references.
Running "Uninstall-Package Microsoft.AspNet.WebPages.WebData" restored my authentication to it's previous glory.
In MVC for the 4.6 Framework this is done in 2 ways, the first is in the Web.Config as you would expect, the second one is done in the projectfile and is used to configure IIS Express:
<PropertyGroup>
..
<IISExpressAnonymousAuthentication>enabled</IISExpressAnonymousAuthentication>
<IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
</Property
Will disable Windows authentication and use anonymous when developing but is not used for the deploying the application.