I wrote a C# application that has a log in menu and when the user types his information the program needs to send and log in with that info.After that show the logged in page with the WebBrowser class.For some reason it doesn't want to log in ,it directs to the website log in menu.I want the user to be able to log in from my c# application menu and don't have to see the Website Log in menu at all.
As far as I can see the above code:
Formats the request with the user credentials
Gets the response
Attempts to put the returned cookie into a string
Nowhere do I see that same cookie being returned to the browser on subequent requests made by the webBrowser1:
webBrowser1.Navigate("the website + the current session (cookieURL));
doesn't compile.
It appears this question may lead you to the correct solution.
Related
I need to show user log in time details.I have two table.One is UserMaster which contains UserDetails and one is UserLogInTimeDetails contains two columns UserId and LogedInTime.
When User Log in UserId and LogInTime stores in UserLogInTimeDetails.
When User Log Off I am deleting the row of that particular user from UserLogInTimeDetails.
But the problem is if an user close the browser then the details of the user in not deleted from UserLogInTimeDetails table.For which that user will not be able to log in again.
How to solve this issue?
I have googled and saw that browser close event in not possible to handle and in many places they have adviced to use onbeforeunload event which is not working for me.
Please help. I am in big trouble.
Perhaps you could get it working using Session_End in your global.asax file to remove the user when their session expires. Though I'm not 100% sure if you can get the session ID from this method. It may be within the EventArgs...
void Session_End(Object sender, EventArgs e) {
//Remove user from database here
}
Else, another way to store the data is based on last activity, so everytime the user submits a request you update the time of last activity. You could even store this with a session ID in the database along with their login time, and then be able to calculate the duration active from login time to last activity for that session;
Best way to go with this using signalR. You can track user is online or offline. based on even dispose you can track exact logout or browser close too.
Hope this will teach you something new. refer below link for a simple example of signalR.
signalR sample application for online, offline status
Is it important that the user cannot login multiple times from different browsers?
If not, a more common approach is to store a login information variable in a session variable (maybe login time, user id or something like that), and use it to verify if the user has logged in or not.
If the user close the browser the session is lost, and he must login again, but he can login as many times as he wishes from different browsers.
You can access these variables like this:
// Set it like this. Can be any type of object with login data.
Session["LoginData"] = "Hello";
// Get it like this.
string test = (string)Session["LoginData"];
Edit:
If it is important that the user must nog login multiple times, you have a much bigger problem to solve.
Maybe something like this could be the solution?
Let the browser (via ajax) ping the web server somehow, every few seconds or so (how many depends on how long you want the browser to be shut down before it is ok to login again vs. traffic)
When the server receives a ping from a certain user, stamp the date and time in a session variable.
If a browser is trying to access the web page in any way, first, check for the session and for how long time ago the last ping was done. If the session is null, or the time is more than the time between pings*2 (or something like that) the user can login again (send to login page). If the time is shorter check if the user is logged in. If he is, continue. If not, tell him he must log out from the first connection (or whatever you want).
Hope this helps!
I've wrapped some code around my project to enable user authentication. It seems to be using FormsAuthentication as well as .NetCasAuthentication. When a user wants to login, I redirect them to an external page whose URL is saved in
DotNetCasClient.CasAuthentication.FormsLoginUrl, and that, after a successful login attempt, sets the User.Identity object. So far so good.
Now, how do I properly sign the user out?
I've tried
FormsAuthentication.SignOut()
Expiring a couple cookies as suggested here
And even explicitly nullifying the User object: HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(string.Empty), null);
But when I send another request to my application, it's still able to find that user's information somewhere.
Does CasAuthentication save to a cookie? Or is it more likely that it's in some unique location as defined by the external login page? I have the option of redirecting to the corresponding external logout page, but I don't know how to do that without redirecting to it and leaving my application, and I don't want to do that.
Thanks for reading.
I'm still not quite sure what was causing the phantom log out, but I was able to fix the issue I was having.
I included an iframe in my application's login and logout pages, whose sources (src) are pointed at the external login and logout pages, respectively. To tell CAS where to redirect to after validating FormsAuthentication credentials, I had to append at the end of the login iframe's src url a query string that looks like ?TARGET=http%3a%2f%2fsome.url.aspx
(The target url is escaped.
'%3a' is url encoding for a colon (:) and '%2f' is a forward slash (/))
So, say, the external login url was https://www.externalsite.com/login and I wanted to redirect to my welcome page http://www.mysite.com/welcome.aspx after logging in, my application's login page iframe src would need to be
`https://www.externalsite.com/login?TARGET=http%3a%2f%2fwww.mysite.com%2fwelcome.aspx`
After doing that, everything seems to be working fine.
I couldn't find documentation for the TARGET query string, but it seems to be related to the 'targetService' parameter described here.
I am creating a cookie with a value(like an Id) and adding it to the browser's response context.
So when the www.abc.com is called from my applciation through click, it auto logs into abc.com web site.
When I log out of abc.com without closing the window(www.abc.com) and try to click the link from my application again, it is creating a new cookie with a new value but it is not auto login to www.abc.com
But when I logout from www.abc.com and close the window(www.abc.com) and reclick from my application, it let me autologin.
Any ideas?
Telepathic powers: you are deleting cookie from wrong domain (setting cookie on abc.com, but deleting only from www.abc.com).
Make sure that domain for both set and expire cookie calls is the same (either both calls made to/from page on abc.com domain OR domain is set correctly).
#Alexis: Thanks for pointing it out. But I did find the answer. The session was already open from the previous web site. As that wasn't closed, the new web site which got open when I clicked the link again couldn't establish a brand new session. SO the browser couldn't read the session cookie.That is why you always has to close the first one.
But thanks for helping me alexis. But I will remember to add more data in my question from next time onwards.
I need to get automatically login to website from my windows application. I am doing it with HttpWebRequest but what i want is to
Click on the button in my application.
Open the Index page (page after getting login)
Reason : I don't want to enter user name and pasword, i just want to click button and any browser(default browser) open with index page (page after login)
Normal Example :
I open a link " http://mail.yahoo.com " it shows me a page asking my email address and
password.
I enter the email id and password and press Login.
It redirects me to my Mail box page.
What to Do ?
click on the button
Automatically send my email id or user name and password to the website
Open my Mail box page.
Hint :
get cookie from HttpWebRequest.
set it to the browser.
Open browser and pass the credentials to login automatcially
can anyone help me?
I also need to solve the same issue, and the problem is hint point 2 in your list.
ie. how to set a cookie in a browser, without limiting yourself to using a specific broswer.
The conclusion I am coming to, is that I need to use a standard 'Single Sign-On' logic, where we update the web-server to use short term tokens such as mentioned here...
http://msdn.microsoft.com/en-us/library/ms972971.aspx
In this case the steps would be something like:
1. In app - Logon with HttpWebRequest.
2. Get short-term token (the link suggests validity lifetime of just 2 seconds)
3. Open browser with url
http://MyWebsite>/SignNn?token=xxxxxxxxxxxxxxxxxxxxxxxxxxxx
4. Next I need to confirm if the SignOn process can return cookies correctly.
I dont think you can solve this in a generic way.
What usually happens in such scenarios is that the form within the web page is submited to web server, the web server reads the user name / password values from the form and authenticates the user against the underlying user managment repository.
You can write such a solution for specific sites, by analzying with a sniffer the posted form in the authentication pages, and then creating such an http message yourself and sending it to the relevant site.
I am currently using a WSS 3.0 Web Part (C#) for creating a cookie.
I have a link button in my Sharepoint site which has an event that calls an encryption method and then stores the encrypted value in the Cookie. After creating the cookie, I am redirecting the user to a new URL which opens in a new window.
The cookie creation is successful. I was able to store my desired value and the domain that it gets is the one of where the link button is located.
What I want to do is to open the cookie in the newly opened window but when I try to use HttpContext.Current.Request.Cookies["cookieName"] I always get a null.
Can anyone help me with this issue ? I've been working on this for a couple of days now. I believe that there is an issue here regarding domains but I can't figure out the right solution.
I would start troubleshooting this by using browser developer tools (e.g. F12 in IE) to ensure that the cookies are actually being saved on the client - yes? Then :-
Is the new window opening with a URL that has a domain the same as the orig URL?
e.g.
#1 http://site.yourdomain.com/page1
#2 http://site.yourdomain.com/page2
If not then site1 can't read site2's cookies.
You also need to do some extra stuff to share across sub-domains.
MSDN - ASP.NET Cookies Overview