httpcookie - Page 3 - Developer IT

Set cookie value before view loaded in MVC?

- by James123

I need to set a cookie value before my view called. otherwise I have to refresh the page to get cookie value in the view. The problem here is the value of cookie will get in controller. [HttpGet] [Route("Abstract/{meetingCode}")] [AllowAnonymous] public ActionResult Index(string meetingCode) { var meetingAbstract = new MeetingAbstract(); meetingAbstract.Meeting = _abstractContext.GetMeetingWithMeetingCode(meetingCode); if (meetingAbstract.Meeting != null) { var cookie = new HttpCookie("_culture"); cookie.Value = meetingAbstract.Meeting.language.language_locale_code;//"en-US"; cookie.Expires = DateTime.Now.AddDays(365); cookie.Path = "/"; this.ControllerContext.HttpContext.Response.Cookies.Add(cookie); ... Any other way without refresh the page again to set cookie value?

Read the article

Setting cookie in LiftFilter

- by Gero

Hi, How do I set a cookie in a LiftFilter.doFilter method? I tried to set the cookie as follows (stripped some code): class AuthenticationFilter extends LiftFilter { override def doFilter(request: ServletRequest, response: ServletResponse , chain: FilterChain) { val cookie = new HTTPCookie("SomeCookie", Full("" + System.nanoTime), Empty, Full("/authentication"), Full(60 * 60 * 24 * 14), Empty, Empty) cookie.setPath("/somePath") S.addCookie(cookie) val httpResp = response.asInstanceOf[HttpServletResponse] httpResp.sendRedirect("/some/page.html") } } However, when I check the browsers cookie, no cookie is set (apart from JSESSIONID), and I know the doFilter method is being executed because of logging messages and the fact that the browser is redirected to /some/page.html. I'm using Scala 2.8, Lift 2.1-SNAPSHOT and the app is running is GAE (1.3.6, only tested on dev_appserver so far). Any ideas? Thanks, Gero

Read the article

Session and Pop Up Window

- by imran_ku07

Introduction : Session is the secure state management. It allows the user to store their information in one page and access in another page. Also it is so much powerful that store any type of object. Every user's session is identified by their cookie, which client presents to server. But unfortunately when you open a new pop up window, this cookie is not post to server with request, due to which server is unable to identify the session data for current user. In this Article i will show you how to handle this situation, Description : During working in a application, i was getting an Exception saying that Session is null, when a pop window opens. After seeing the problem more closely i found that ASP.NET_SessionId cookie for parent page is not post in cookie header of child (popup) window. Therefore for making session present in both parent and child (popup) window, you have to present same cookie. For cookie sharing i passed parent SessionID in query string, window.open('http://abc.com/s.aspx?SASID=" & Session.SessionID &','V'); and in Application_PostMapRequestHandler application Event, check if the current request has no ASP.NET_SessionId cookie and SASID query string is not null then add this cookie to Request before Session is acquired, so that Session data remain same for both parent and popup window. Private Sub Application_PostMapRequestHandler(ByVal sender As Object, ByVal e As EventArgs) If (Request.Cookies("ASP.NET_SessionId") Is Nothing) AndAlso (Request.QueryString("SASID") IsNot Nothing) Then Request.Cookies.Add(New HttpCookie("ASP.NET_SessionId", Request.QueryString("SASID"))) End If End Sub Now access Session in your parent and child window without any problem. How this works : ASP.NET (both Web Form or MVC) uses a cookie (ASP.NET_SessionId) to identify the user who is requesting. Cookies are may be persistent (saved permanently in user cookies ) or non-persistent (saved temporary in browser memory). ASP.NET_SessionId cookie saved as non-persistent. This means that if the user closes the browser, the cookie is immediately removed. This is a sensible step that ensures security. That's why ASP.NET unable to identify that the request is coming from the same user. Therefore every browser instance get it's own ASP.NET_SessionId. To resolve this you need to present the same parent ASP.NET_SessionId cookie to the server when open a popup window. You can confirm this situation by using some tools like Firebug, Fiddler, Summary : Hopefully you will enjoy after reading this article, by seeing that how to workaround the problem of sharing Session between different browser instances by sharing their Session identifier Cookie.

Read the article

ASP.Net FormsAuthentication Redirect Loses the cookie between Redirect and Application_AuthenticateR

- by Joel Etherton

I have a FormsAuthentication cookie that is persistent and works independently in a development, test, and production environment. I have a user that can authenticate, the user object is created, the authentication cookie is added to the response: 'Custom object to grab the TLD from the url authCookie.Domain = myTicketModule.GetTopLevelDomain(Request.ServerVariables("HTTP_HOST")) FormsAuthentication.SetAuthCookie(authTicket.Name, False) Response.SetCookie(authCookie) The user gets processed a little bit to check for a first time login, security questions, etc, and is then redirected with the following tidbit: Session.Add("ForceRedirect", "/FirstTimeLogin.aspx") Response.Redirect("~/FirstTimeLogin.aspx", True) With a debug break, I can verify that the cookie collection holds both a cookie not related to authentication that I set for a different purpose and the formsauthentication cookie. Then the next step in the process occurs at the ApplicationAuthenticateRequest in the global.asax: Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) Dim formsCookieName As String = myConfigurationManager.AppSettings("FormsCookieName") Dim authCookie As HttpCookie = Request.Cookies(formsCookieName) At this point, for this ONE user authCookie is nothing. I have 15,000 other users who are not impacted in this manner. However, for one user the cookie just vanishes without a trace. I've seen this before with w3wp.exe exceptions, state server exceptions and other IIS process related exceptions, but I'm getting no exceptions in the event log. w3wp.exe is not crashing, the state server has some timeouts but they appear unrelated (as verified by timestamps) and it only happens to this one user on this one domain (this code is used across 2 different TLDs with approximately 10 other subdomains). One avenue I'm investigating is that the cookie might just be too large. I would think that there would be a check for the size of the cookie going into the response, and I wouldn't think it would impact it this way. Any ideas why the request might dumping the cookie? NOTE: The secondary cookie I mentioned that I set also gets dumped (and it's very tiny). EDIT-NOTE: The session token is NOT lost when this happens. However, since the authentication cookie is lost, it is ignored and replaced on a subsequent login.

Read the article

Can't log in a user in MVC!

- by devlife

I have been scratching my head on this for a while now but still can't get it. I'm trying to simply log in a user in an MVC2 application. I have tried everything that I know to try but still can't figure out what I'm doing wrong. Here are a few things that I have tried: FormsAuthentication.SetAuthCookie( emailAddress, rememberMe ); var cookie = FormsAuthentication.GetAuthCookie( emailAddress, rememberMe ); HttpContext.Response.Cookies.Add( cookie ); FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( emailAddress, rememberMe, 15 ); FormsIdentity identity = new FormsIdentity( ticket ); GenericPrincipal principal = new GenericPrincipal(identity, new string[0]); HttpContext.User = principal; I'm not sure if any of this is the right thing to do (as it's not working). After setting HttpContext.User = principal then Request.IsAuthenticated == true. However, in Global.asax I have this: HttpCookie authenCookie = Context.Request.Cookies.Get( FormsAuthentication.FormsCookieName ); The only cookie that ever is available is the aspnet session cookie. Any ideas at all would be much appreciated!

Read the article

FormsAuthentication authCookie is null only for some users

- by mbalkema

I am experiencing a strange problem with asp.net forms authentication. This problem only occurs for 3 users out of 30+ users that have successfully logged in. I am using very basic auth code that I have used many times and have never seen this problem. After the users successfully authenticates and the auth cookie is created, cookie added, and response.redirect to FormsAuthentication.GetRedirect(userid, false) is called. The Application_AuthenticateRequest method in Global.asax is hit. // Extract the forms authentication cookie string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if (null == authCookie) { // There is no authentication cookie. return; } So immediately after a "good" cookie is saved and the redirect occurs the cookie is null. I have run the code through the debugger and the cookie is only null on these 3 users. But the cookie looks the same as the cookie for the many users that login successfully. Any ideas? This is standard code that should just work.

Read the article

Asp.Net 2 integrated sites How to Logout second site programatically.

- by NBrowne

Hi , I am working with an asp.net 2.0 site (call it site 1) which has an iframe in it which loads up another site (site2) which is also an asp.net site which is developed by our team. When you log onto site 1 then behind the scenes site 2 is also logged in so that when you click the iframe tab then this displays site 2 with the user logged in (to prevent the user from having to log in twice). The problem i have is that when a user logs out of site 1 then we call some cleanup methods to perform FormsAuthentication.SignOut and clean session variables etc but at the moment no cleanup is called when the user on site 2. So the issue is that if the user opens up Site 2 from within a browser then website 2 opens with the user still logged in which is undesired. Can anyone give me some guidance as to the best approach for this?? One possible approach i though of was just that on click of logout button i could do a call to a custom page on Site 2 which would do the logout. Code below HttpWebRequest request; request = ((HttpWebRequest)(WebRequest.Create("www.mywebsite.com/Site2Logout.aspx"))); request.Method = "POST"; HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; Cookie authenticationCookie = new Cookie( FormsAuthentication.FormsCookieName, cookie.Value, cookie.Path, HttpContext.Current.Request.Url.Authority); request .CookieContainer = new CookieContainer(); request .CookieContainer.Add(authenticationCookie); response.GetResponse(); Problem i am having with this code is that when i run it and debug on Site 2 and check to see if the user is Authenticated they are not which i dont understand because if i open browser and browse to Site 2 i am Still authenticated. Any ideas , different direction to take etc ??? Please let me know if you need any more info or if i something i have said dosent make sense. Thanks

Read the article

Forms Authentication logs out very quickly , locally works fine !!!

- by user319075

Hello to all, There's a problem that i am facing with my hosting company, I use a project that uses FormsAuthentication and the problem is that though it successfully logs in, it logs out VERY QUICKLY, and i don't know what could be the cause of that, so in my web.config file i added those lines: <authentication mode="Forms" > <forms name="Nadim" loginUrl="Login.aspx" defaultUrl="Default.aspx" protection="All" path="/" requireSSL="false"/> </authentication> <authorization> <deny users ="?" /> </authorization> <sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424" cookieless="false" timeout="1440"> </sessionState> and this is the code i use in my custom login page : protected void PasswordCustomValidator_ServerValidate(object source, ServerValidateEventArgs args) { try { UsersSqlDataSource.SelectParameters.Clear(); UsersSqlDataSource.SelectCommand = "Select * From Admins Where AdminID='" + IDTextBox.Text + "' and Password='" + PassTextBox.Text + "'"; UsersSqlDataSource.SelectCommandType = SqlDataSourceCommandType.Text; UsersSqlDataSource.DataSourceMode = SqlDataSourceMode.DataReader; reader = (SqlDataReader)UsersSqlDataSource.Select(DataSourceSelectArguments.Empty); if (reader.HasRows) { reader.Read(); if (RememberCheckBox.Checked == true) Page.Response.Cookies["Admin"].Expires = DateTime.Now.AddDays(5); args.IsValid = true; string userData = "ApplicationSpecific data for this user."; FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(1, IDTextBox.Text, System.DateTime.Now, System.DateTime.Now.AddMinutes(30), true, userData, FormsAuthentication.FormsCookiePath); string encTicket = FormsAuthentication.Encrypt(ticket1); Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); Response.Redirect(FormsAuthentication.GetRedirectUrl(IDTextBox.Text, RememberCheckBox.Checked)); //FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked); } else args.IsValid = false; } catch (SqlException ex) { ErrorLabel.Text = ex.Message; } catch (InvalidOperationException) { args.IsValid = false; } catch (Exception ex) { ErrorLabel.Text = ex.Message; } Also you will find that line of code: FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked); is commented because i thought there might be something wrong with the ticket when i log in , so i created it manually , every thing i know i tried but nothing worked, so does anyone have any idea what is the problem ? Thanks in advance, Baher.

Developer IT