Two Form Authentication Cookie on same Browser

I have two virtual Directories with with Form Authentication, But Problem is thatwhen I log In in Both Virtual Directory Simeltanously gives Exception Of System.Security.Cryptography.CryptographicException: Bad Data

If i logs out from any one then every thing works fine

0
abcplex
4/24/2009 5:16:43 AM
asp.net.security 27051 articles. 1 followers. Follow

7 Replies
1005 Views

Similar Articles

[PageSpeed] 24
Get it on Google Play
Get it on Apple App Store

any?

1
abcplex
4/27/2009 8:00:30 AM

abcplex:

I have two virtual Directories with with Form Authentication, But Problem is thatwhen I log In in Both Virtual Directory Simeltanously gives Exception Of System.Security.Cryptography.CryptographicException: Bad Data

If i logs out from any one then every thing works fine

You meant to login the two Virtual Directory(VD) in the same time? Does the error happen when logging in? Could you show us the connection string and the membership conguration?

Thanks.


David Qian
Microsoft Online Community Support

Please remember to mark the replies as answers if they help and unmark them if they provide no help.
0
Wencui
4/28/2009 5:59:34 AM

Wencui Qian - MSFT:
You meant to login the two Virtual Directory(VD) in the same time?

Yes

Wencui Qian - MSFT:
Does the error happen when logging in?

 

Yes

Wencui Qian - MSFT:
Could you show us the connection string and the membership conguration?

Connection is OK, Because they run seprately fine,

0
abcplex
4/30/2009 7:59:22 AM

Hi abcplex,

Did you specify a machine key in web.config? If not, please try to see whether it can resolve the problem.

<machineKey validationKey="88CB6CA6CF403C5FBB41C2F62BB7FCFCA05DE7BE" decryptionKey="B8A7CF3816C57176" validation="SHA1" />

Thanks.


David Qian
Microsoft Online Community Support

Please remember to mark the replies as answers if they help and unmark them if they provide no help.
0
Wencui
4/30/2009 8:16:46 AM

Wencui Qian - MSFT:

Hi abcplex,

Did you specify a machine key in web.config? If not, please try to see whether it can resolve the problem.

<machineKey validationKey="88CB6CA6CF403C5FBB41C2F62BB7FCFCA05DE7BE" decryptionKey="B8A7CF3816C57176" validation="SHA1" />

Thanks.

 

Yes, But I don't think encryption and Decription of cookie is not this problem.

 

0
abcplex
5/4/2009 6:29:47 AM

abcplex:
Yes, But I don't think encryption and Decription of cookie is not this problem.

That seems strange. Please check web.config and see whether you've set applicationName property for membership. Also, please delete the temporary files and try again.

Thanks.


David Qian
Microsoft Online Community Support

Please remember to mark the replies as answers if they help and unmark them if they provide no help.
0
Wencui
5/4/2009 8:39:27 AM

Thanks here i find Some good situations

http://forums.asp.net/t/898519.aspx?PageIndex=1

But not resolved it.

0
abcplex
5/5/2009 4:01:36 AM
Reply:

Similar Artilces:

Is form authentication work if cookies disabled in browser
Hican anyone let me know Is form authentication work if cookies disabled in browser. If not then why?  Regards,Kunal Mehta Kunal MehtaWeb professionals who refuse to update their skills and insist on using outdated methods can no longer be called web professionals. Why not set up a simple experiment and find out for yourself? And post back the results. If it doesn't work, the reason would be "because it uses cookies".   To enable forms authentication, cookies must be enabled on the client browser. If the client disables cookies, the cookie generated b...

Can we use Forms Authentication even if we disabled browser cookies.
Can we use Forms Authentication even if we disabled browser cookies.Ashok kumar ASP.NET now supports cookieless forms authentication.  This MSDN article talks more about some of the new features: http://msdn.microsoft.com/library/en-us/dnpag2/html/pagexplained0002.asp?frame=true#pagexplained0002_cookielessforms There is a cookieless forms authentication section within it that talks about its features and how to configure it. Hope this helps, Scott...

Forms Authentication setAuthCookie fails to create cookie for IE6 browser and works fine for IE7
Please help me on this. I have tried thousands of ways, but it did'nt work. please help me on this. thanks in advance!  Set the Cookieless FormsAuthentication settings attribute to "AutoDetect" , this way if the browser doesn't supports cookies , the authentication inforamtion will be appended to the url .  <authentication mode="Forms"> <forms cookieless="AutoDetect"></forms> </authentication>  Regards,Anas Ghanem.Note:Please Don't hesitate to click "Report Abuse" link if you noticed...

form authentication cookie not posted on form
Hello,  I am trying to find a way to prevent a form authentication cookie from being posted by a form.  I have read somewhere that it was just a property, but I can't find it. The reason comes from the latest firefox versions (2.0.0.5 and 2.0.0.6) that now include the httponly property. The consequence is that a java software I am using no longer works since it gets rejected from posting the form. The form authentication cookie is httponly, and even though this software has no link with this cookie it gets rejected. So my idea is just to remove ...

Forms Authentication Cookie not showing up in Request.Cookies Collection
While migrating my ASP.NET 1.1 application to 2.0, I've noticed something very odd that I can't explain: When a user is authenticated via forms authentication, the forms authentication cookie is visible in the application trace (both in the httpheaders and the request.cookies section).  If I view the request.cookies collection using code in the application, I see the forms authentication cookie in the collection (as well as a "control" cookie I added for comparison). If I log out of the application, the forms authentication cookie is gone and is not viewable anywhere...

How to authenticate against the ADAM by using Forms authentication and Visual C# .NET
How to authenticate against the Active Directory by using Forms authentication and Visual C# .NET http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q316748 I followed this link for AD but did not work for ADAM. any help for the authenticate against the ADAM by using Forms authentication and Visual C# .NET would be appreciated.   Thanks in advance.    Hi dpatelPA, Please take a look at this tutorial: How To: Use Forms Authentication with Active Directory in ASP.NET 2.0:  http://msdn.microsoft.com/en-us/library/ms998360.aspx   Thanks.Davi...

Need two forms loginUrl to secure two different folders
I have a site has two folders that requirer different access rules. Which works. But I would like to secure the files in the folders from being accessed directly. I have included a forms loginUrl which provided me against people getting to the files in the folder but now I have two folders. It seems that if I try and test getting the second secured file in the second folder it brings me to the first logon folder screen. How do I create different loginUrl for two different folders? Thanks OneIdesigned Hello OneIdesigned, either you need different config files for the specific folders, ...

decrypting a .NET v2.0 authentication cookie in .NET v1.1
 have two web apps: App A is .NET v1.1 and App B is .NET v2.0 and is running in a virtual directory subfolder of App A. App B is being used to authenticate users. The plan is to share authentication across web apps accoridng to this article:ms-help://MS.NETFramework.v20.en/dv_aspnetcon/html/99e2f9e8-5b97-4a4d-a4ed-5f93276053b7.htmIn App A i have put some code to decrypt the cookie set by App B in the  Application_AuthenticateRequest Method. When I go to decrypt the authentication ticket in App A, I get an error on decrypting the cookie -- the exce...

Authenticate against the Active Directory by Using Forms Authentication and Visual Basic .NET
I am using the code found on microsoft site http://support.microsoft.com/default.aspx?scid=kb;en-us;326340 And when i run it I get an error: Error authenticating. Error authenticating user. A referral was returned from the server I have changed the code to specify my domain DC=MyDomain,DC=local Has anyone run into this or knows what it means? Thanks Craig Hi Craig, Its giving me the same error. Can you please tell me how u specified ur DC,LDAP etc.. For example:- Dim domainAndUsername As String = domain & "\" & username Dim entry A...

how secure is forms authentication?
With the application I'm building right now, every user has a numerical UserID, and just about all the data in my SQL Server database is linked to that number, so it's very important I keep that number confidential. For the authentication scheme, I have a basic login/pass page where I authenticate a user by using Forms Authentication with cookies, and assigning their UserID to the User.Identity.Name property. Then, on any protected pages, I basically make references to the UserID by saying Int32.Parse(User.Identity.Name). When I combine this with SSL, is this a secure enough scheme to make s...

Forms Authentication/Cookies
If I set my app to use cookieless session state does this effect Forms Authentication - will FA still use a cookie or will it reference the the session ID in the URL and reference the identity/role stuff from there? Thanks Simon Good question. as far as I'm aware, forms auth wouldn't be using a cookie anyway, would it? the login information is stored as a 'special case' in browser memory rather than as a cookie, and is sent in HTTP as its own header (auth_user?).RTFM - straight talk for web developers. Unmoderated, uncensored, occasionally unreadableJason Brown - MVP, IIS The SetAu...

Two Forms Authentications:
Hello: I currently have a application that uses forms authentication that protects a certain directory.  Now I need to add another forms authentication method that authenticates against a different database and is totally independent from the first authentication and protects a whole other directory.  What precuations should I take before hand and how would this be implemented?  Any suggestions appreciated.  Need ASP.NET web hosting? Private Message me for a free quote. Hi, That is not possible until you configure the directory as an application in your IIS.  Ba...

Forms Authentication
I am using forms authentication and everything seems to be working fine except that once I login it doesn't require me to login again. Even if I restart my application it remembers who I am. I know it uses cookies and I set my timeout to "1". Is there anything else I am missing? Thanks. If you are using the redirectfromloginpage method, check if you are passing true to the second argument which would create persistent cookie. HTH -aka...

Forms Authentication
 As I understand it, the Forms Authentication cookie is encrypted, signed, hashed, etc. If my website relied on the username of the cookie to get the active user, how secure would my website be? I wanted to know if anyone has read or seen anything about this system being broken. Friend, First, the auth cookie is encrypted. Others will not have direct access to the int value. Second, if you are transmitting it only over 128 bit SSL then that will be almost impossible to get at. However, I assume that you, like most people, are only using the SSL on the pages that MUST be secure l...

Web resources about - Two Form Authentication Cookie on same Browser - asp.net.security

Authentication - Wikipedia, the free encyclopedia
Authentication (from Greek : αὐθεντικός authentikos , "real, genuine," from αὐθέντης authentes , "author") is the act of confirming the truth ...

Authentication - Facebook-Entwickler
Please note: On October 3, 2012, the offline_access permission will be removed. If you are building...

Facebook Adds Two Factor Authentication for Login and Redesigns Family Safety Center
... announced the release of several new tools to help users stay safe while using the site. Soon, users will be able to enable two factor authentication ...

Lockdown - A better two-factor authentication experience on the App Store on iTunes
Get Lockdown - A better two-factor authentication experience on the App Store. See screenshots and ratings, and read customer reviews.


YouTube - How To Hack Twitter's New Two Factor Authentication
Veröffentlicht am 23.05.2013 Connect! http://toopher.com http://facebook.com/toopherinc http://twitter.com/toopher CEO Josh Alexander wants ...

SafeNet brings Cloud-based authentication service to A/NZ
SafeNet has released its new Cloud-based authentication service, billed as Authentication-as-a-Service, in A/NZ.

Two-factor authentication - cyber security -
Two recent hacking cases highlight how personal emails can impact overall business security through tiny weaknesses.

Digital authentication to become Google's next big focus
Streamlining the website login process a top priority, according to the company’s Australian business and consumer services manager Dan Metcalf. ...

Two-factor authentication: double or nothing
An extra layer of security keeps hackers at bay.

Resources last updated: 12/1/2015 4:19:08 AM