Ask a Question related to ASP.NET Security, Design and Development.
-
gmarquez #1
Strange behavior using SSL and "FORMS" authentication.
Hello
I am using "FORMS" authentication, without SSL the behavior is normal, everythings working very well
When in IIS I cheking "Require SSL" (in Secure Communications property), I can't to do login, after introducing the credentials, I am redirected to login's page again, If I take the SSL's Check off in the ISS property, everythings will work very well again
NOTE: I have a valid certificate well installed
What is happening?, some suggest
Thanks in advance..
gmarquez
gmarquez Guest
-
Forms Authentication "Forgetting" a User
Greetings, We have an ASP.NET application that implements forms-based authentication. The login portion seems to work fine. However, I have one... -
Can actionscript change a "Button's" "Behavior"?
While a movie is playing in "level 0" a button is pressed to launch another movie in "level 1". Is there a way to change the button that was pressed... -
Accessibility Behavior and Lingo "Play Movie"
Does anyone have an suggestions for this... I have many "Accessibility Item" enabled buttons in a Director Projector, all with have a... -
Automatic Login - Forms Authentication - Request.ServerVariables["LOGON_USER"]
Hi there, I'm busy building a site that authenticates users from a database but would like Windows authenticated users to bypass the logon screen... -
Forms Authentication - "Deny users = ?" necessary
Thanks for your reply Hernan. I can't believe Authentication and Authorization are mixed... If I want to identify/authenticate a user (for... -
gmarquez #2 RE: Strange behavior using SSL and "FORMS" authentication.
Hello
Searching similar questions (keyword= SSL, in the ASP.NET newsgroup), I found an argue about similar situation. Something gets my attention, they were discussing about creating self-signed certificate (like is my case)
Is about a developer that he doesn't know like create a self-signed certificate.(This not apply for me)>>>ITEM: SSL and ASP.NET, from 10/12/200
They recommend to review the following articles>>>ITEM: ASP.NET and Secure Socket Layer, from 11/20/200
INFO: Help Secure Forms Authentication by Using Secure Sockets Layer (SSL
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;81382[/url]
INFO: Building Secure ASP.NET Web Applications Guid
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;33024[/url]
I had used both of them, I have made all that suggests
I have everything well configured, but when I'm accessing to the secure page, the security alert show me the following
-(ok) The security certificate is from a trsuted certifying authority
-(ok) The security certificate is valid
-(!) The name on the security certificate is invalid or does not match then name of the site
Is possible that the last alert is my problem
Thanks in advance..
gmarque
----- gmarquez wrote: ----
Hello
I am using "FORMS" authentication, without SSL the behavior is normal, everythings working very well
When in IIS I cheking "Require SSL" (in Secure Communications property), I can't to do login, after introducing the credentials, I am redirected to login's page again, If I take the SSL's Check off in the ISS property, everythings will work very well again
NOTE: I have a valid certificate well installed
What is happening?, some suggest
Thanks in advance..
gmarquez
gmarquez Guest
-
Paul Glavich #3 RE: Strange behavior using SSL and "FORMS" authentication.
No, that would not be the reason you are having the
problem, otherwise you would not even get the login page
(as I assume you have SSL for the whole site, not just
some pages) which means the login page is also protected
by SSL. Try doing a bit of tracing and output the
credentials you receive to a trace file, to see what you
are getting.
HTH,
- Paul Glavich
ASP.NET newsgroup), I found an argue about similar>-----Original Message-----
>Hello,
>
>Searching similar questions (keyword= SSL, in the
situation. Something gets my attention, they were
discussing about creating self-signed certificate (like
is my case):self-signed certificate.(This not apply for me).>>Is about a developer that he doesn't know like create a>>>>ITEM: SSL and ASP.NET, from 10/12/200311/20/2003>>>>>ITEM: ASP.NET and Secure Socket Layer, fromSockets Layer (SSL)>They recommend to review the following articles:
>
>INFO: Help Secure Forms Authentication by Using Secureus;813829>[url]http://support.microsoft.com/default.aspx?scid=kb;en-[/url]us;330246>
>INFO: Building Secure ASP.NET Web Applications Guide
>[url]http://support.microsoft.com/default.aspx?scid=kb;en-[/url]accessing to the secure page, the security alert show me>
>I had used both of them, I have made all that suggests.
>
>I have everything well configured, but when I'm
the following:certifying authority.>
>-(ok) The security certificate is from a trsuteddoes not match then name of the site.>
>-(ok) The security certificate is valid.
>
>-(!) The name on the security certificate is invalid orbehavior is normal, everythings working very well.>
>Is possible that the last alert is my problem?
>
>Thanks in advance...
>
>gmarquez
>
>
> ----- gmarquez wrote: -----
>
> Hello,
>
> I am using "FORMS" authentication, without SSL theCommunications property), I can't to do login, after>
> When in IIS I cheking "Require SSL" (in Secure
introducing the credentials, I am redirected to login's
page again, If I take the SSL's Check off in the ISS
property, everythings will work very well again.>
> NOTE: I have a valid certificate well installed.
>
> What is happening?, some suggest?
>
> Thanks in advance...
>
> gmarquez
>.
>Paul Glavich Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
