Trying to come to an understanding about AD authentication.

I have a site that I'm creating that uses authentication against AD. Now the process is that the user logs in and the site authenticates with AD and then creates a authentication cookie.

The problem I have been having is that is the session is aborted incorrectly (Crashed) the cookie is not deleted and the user cannot log back in until the cookie is manually deleted. This is the first method I was able to get working but I'm wondering if there is a better way so that the user is not left hanging if the browser or PC crash or they do not log off correctly.

Is it possible to just authenticate the user with AD without using cookies and use say a  timed session variable or store a variable in the Db to check? 


Any thoughts would be appreciated.


9/9/2008 2:20:57 PM 2291 articles. 0 followers. Follow

1 Replies

Similar Articles

[PageSpeed] 43

Have you tried using a non-persistent cookie?  It will get deleted when the browser closes because it's stored in memory and not the hard drive.   You can do this by creating a cookie and not setting an expiration date.

9/9/2008 8:06:30 PM

Similar Artilces:

An Audit of Active Directory Security, Part Three: Understanding LDAP, SASL, and Kerberos in the Context of AD security. -- Regard: Joh@nnes� "Nothing is more damaging to a new truth than an old error" ...

Authenticate against the Active Directory by Using Forms Authentication and Visual Basic .NET
I am using the code found on microsoft site;en-us;326340 And when i run it I get an error: Error authenticating. Error authenticating user. A referral was returned from the server I have changed the code to specify my domain DC=MyDomain,DC=local Has anyone run into this or knows what it means? Thanks Craig Hi Craig, Its giving me the same error. Can you please tell me how u specified ur DC,LDAP etc.. For example:- Dim domainAndUsername As String = domain & "\" & username Dim entry A...

LDAP Authentication to Active Directory
I am working on a site that uses AD for authentication and am attempting to use LDAP to authenticate between GroupWise and AD. I have gone through the procedure in both the GW 6.5 doco as well as the GW 6.5 Admin's Guide but am unable to use LDAP to authenticate. I have set up the Tools | GroupWise System Operations | LDAP Server field in C1 to be one of my AD domain controllers and provided the IP address and using port 389. I then have gone to the TestPO and provided it with the LDAP authentication and also the already defined AD LDAP server. I have created a test user ...

LDAP authentication using active directory
Happy Holidays. I am trying to set up bugzilla using LDAP authentication via active directory on a windows box. This setup does not seem to be covered in depth in the documentation. Does anyone have experience doing this or have a guide handy? Thanks, Brian ...

how to use Active Directory (AD) for authentication
Hi, does any expert knows how to make use of Active Directory for windows authentication. So far, based on the research that I have, I found out that we need to create a connectionString to LDAP server and create the member provider. However, I have no clue how to do it especially on the connection string. Do I need to inidicate the password any password to connect to it?   LDAP:// Thanks for your help.    Hi SavageRider,When you use windows authentication on ASP.NET, you don't need all that membership stuff etc. Also no ldap connections...

Active Directory, LDAP, and Forms Authentication
First post here. Pretty new to Please redirect me to the correct forum if I'm OT for this one. I'm trying to follow the forms authentication code in this article:,printer).aspx . When I add a global.asax file to the project, there isn't an Application_AuthenticateRequest event handler amongst the various event handlers.  When I add one manually and then add the code to it ( from step 3 in the link),  I get compile errors. I've Googled and don't see others having similar issues, so ma...

Is there a way to authenticate Active Directory users from multiple Active Directory Domains
Is there a way to authenticate Active Directory users from multiple Active Directory Domains in ASP.NET Application using C# or VB.NET?Suppose I have a LoginId "user1" from one of the three Active Directory Domains how can I authenticate it?I have two Active Directory domains. I can authenticate from the Active Directory Domain where my current system Account is logged in. But I can not authenticate from other Active Directory Domains. Actually I have 2 Active Directory domains in my LAN.Kamran ShahidSr. Software Engineer(MCP,,,MCTS,[web])Netprosys Inc.ww...

Suse LDAP authentication in Active Directory Problem
Hello, I am trying to set up a network with a Windows 2008 Server, using AD, I'm trying to authenticate in Suse with a Windows username, and I get this error, Apr 1 17:05:12 Susy sshd[6329]: nss_ldap: failed to bind to LDAP server ldap:// Invalid credentials Apr 1 17:05:12 Susy sshd[6329]: nss_ldap: failed to bind to LDAP server ldap:// Invalid credentials But, according to Windows Security Events Viewer,the Suse box doesn't even try to login, there is record of nothing. Can you help me? Thankyou. -- tiag...

LDAP authentication against trusted active directory domain
Bugzilla is successfully setup to query our main active directory domain. However, I am trying to have users authenticate in Bugzilla who have accounts in a second domain (in a separate forest), which the main domain trusts. I am not having any luck. The trust itself works perfectly in a non-Bugzilla context(e.g. file sharing). Any suggestions? ...

Trying to Understand the Relationship Between Active Directory and DNS
 Greetings, I have been trying to teach myself a bit of Active Directory in my spare time, and I must admit, I still don't completely understand the relationship between the Active Directory and DNS naming systems. I know that the two are entirely different from each other, but the recommendation (I think) seems to be that the naming systems should be identical. For example, if the DNS reference for a particular server is MYSERV.DOMAIN.LOCAL then the AD object reference will also be MYSERV.DOMAIN.LOCAL. Is there any truth to this?Here are a few additional questions:1) If I have...

4 issues with Net::LDAP and Active Directory
------_=_NextPart_001_01C74A47.D441C220 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I have 4 issues which I do not understand and I have searched the Net::LDAP documentation up and down and cannot figure it out. =20 1. pwdLastSet is only available for the DN of the user who is logged in. (That seems a little odd, why is that?) and yes I logged in as another user using LDAP and it was available for them and not me. =20 2. pwdLastSet is some Active Directory timestamp (Why oh why cant Microsoft just use utc like ev...

active directory authentication using ldap Options
I am trying to add forms authentication to an website. I am developing locally, than publishing the site to the web server. Everthing works fine on my local machine in debug mode. I am able to call up the login page, successfully authenticate against the remote active directory database and then be re-directed to the requested page. The problem occurs when I publish the app to the web server. I call up the application and get re-directed to the login page. I enter the same credentials, but receive the following error: Unknown error (0x80005000) Development environment: I am dev...

Net::LDAP, Active Directory and Disabled Users
------_=_NextPart_001_01C386CB.502F3B30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I've been trying to write a simple perl script that will query the = active directory via LDAP and give me a list of email addresses for disabled = users (eg, addresses we don't want to accept email for anymore). I found a = website or two that suggested I use the following as my filter: (&(objectCategory=3Dperson)(userAccountControl:1.2.840.113556.1.4.803:=3D= 2)) I was beginning to think these websites were wrong as whene...

how to access Active Directory w/LDAP for clients authentication
Hi, I am using EAS 6.3 with PB 11.51 NVO's on Windows Server 2008 and would like my JSP/HTML clients authenticated with active directory. I only need to authenticate them for access to the website in EAS. Anyone know if there is something in EAS security to set so a role in EAS can be "linked" to the active directory or do I need to create a component? Thank you for any suggestions you might have. ...

Web resources about - Trying to come to an understanding about AD authentication. -

Authentication - Wikipedia, the free encyclopedia
Authentication (from Greek : αὐθεντικός authentikos , "real, genuine," from αὐθέντης authentes , "author") is the act of confirming the truth ...

Authentication - Facebook-Entwickler
Please note: On October 3, 2012, the offline_access permission will be removed. If you are building...

Facebook Adds Two Factor Authentication for Login and Redesigns Family Safety Center
... announced the release of several new tools to help users stay safe while using the site. Soon, users will be able to enable two factor authentication ...

Lockdown - A better two-factor authentication experience on the App Store on iTunes
Get Lockdown - A better two-factor authentication experience on the App Store. See screenshots and ratings, and read customer reviews.

YouTube - How To Hack Twitter's New Two Factor Authentication
Veröffentlicht am 23.05.2013 Connect! CEO Josh Alexander wants ...

SafeNet brings Cloud-based authentication service to A/NZ
SafeNet has released its new Cloud-based authentication service, billed as Authentication-as-a-Service, in A/NZ.

Two-factor authentication - cyber security -
Two recent hacking cases highlight how personal emails can impact overall business security through tiny weaknesses.

Digital authentication to become Google's next big focus
Streamlining the website login process a top priority, according to the company’s Australian business and consumer services manager Dan Metcalf. ...

Hands on: Twitter two-factor authentication
Optus and Vodafone customers need not apply when it comes to Twitter's two-factor authentication.

Resources last updated: 1/21/2016 10:52:09 PM