Comments for Brant Burnett's Development Blog http://btburnett.com Mon, 08 Feb 2010 15:19:40 +0000 http://wordpress.org/?v=2.9.2 hourly 1 Comment on LABjs.Net Release Candidate 1.0rc4 by Simplify Asynchronous Javascript Loading In ASP.Net Using LABjs | Brant Burnett's Development Blog http://btburnett.com/2010/02/labjs-net-release-candidate-1-0rc4.html/comment-page-1#comment-24 Simplify Asynchronous Javascript Loading In ASP.Net Using LABjs | Brant Burnett's Development Blog Mon, 08 Feb 2010 15:19:40 +0000 http://btburnett.com/?p=109#comment-24 [...] Update 2/8/2010: Updated to version 1.0rc4 [...] [...] Update 2/8/2010: Updated to version 1.0rc4 [...]

]]> Comment on Create A Self-Signed SSL Certificate In .NET by jholovacs http://btburnett.com/2009/05/create-a-self-signed-ssl-certificate-in-net.html/comment-page-1#comment-21 jholovacs Sun, 19 Jul 2009 22:38:11 +0000 http://btburnett.com/?p=95#comment-21 Fantastic work, thanks. This really gave me a starting point to work from. Fantastic work, thanks. This really gave me a starting point to work from.

]]> Comment on Update To Partial Authentication System by Secure Persistent ASP.NET Forms Authentication | Brant Burnett’s .NET Blog http://btburnett.com/2008/08/update-to-partial-authentication-system-2.html/comment-page-1#comment-19 Secure Persistent ASP.NET Forms Authentication | Brant Burnett’s .NET Blog Sat, 02 May 2009 13:52:31 +0000 http://www.btburnett.com/?p=19#comment-19 [...] Please note that this library is designed for .NET 3.5 and Visual Studio 2008, though it should be easily convertible back to .NET 2.0 if you change the project settings. UPDATE: Please see updated version here [...] [...] Please note that this library is designed for .NET 3.5 and Visual Studio 2008, though it should be easily convertible back to .NET 2.0 if you change the project settings. UPDATE: Please see updated version here [...]

]]> Comment on Update To Partial Authentication System by Update To Partial Authentication System | Brant Burnett’s .NET Blog http://btburnett.com/2008/08/update-to-partial-authentication-system-2.html/comment-page-1#comment-18 Update To Partial Authentication System | Brant Burnett’s .NET Blog Sat, 02 May 2009 13:51:16 +0000 http://www.btburnett.com/?p=19#comment-18 [...] I’ve posted new source and binaries for download. UPDATE: Please see updated version here [...] [...] I’ve posted new source and binaries for download. UPDATE: Please see updated version here [...]

]]> Comment on Forcing 32-bit Execution in .NET by cpimentel http://btburnett.com/2008/06/forcing-32-bit-execution-in-net.html/comment-page-1#comment-17 cpimentel Sun, 09 Nov 2008 14:16:00 +0000 http://www.btburnett.com/?p=14#comment-17 Great! I don´t need anymore to replace the Windows7 64bits to work ;)<br/>Thanks... Great! I don´t need anymore to replace the Windows7 64bits to work ;)
Thanks…

]]> Comment on Secure Persistent ASP.NET Forms Authentication by Brant Burnett http://btburnett.com/2008/05/secure-persistent-aspnet-forms-authentication.html/comment-page-1#comment-16 Brant Burnett Mon, 03 Nov 2008 13:59:00 +0000 http://www.btburnett.com/?p=11#comment-16 Okay, I think the problem you are having is that you are just calling SetAuthCookie on the partial authentication system. If you call RedirectFromLogonPage then it sets both of cookies. However, if you want to use SetAuthCookie then you need to call it on both the FormsAuthentication and PartialAuthentication classes. Okay, I think the problem you are having is that you are just calling SetAuthCookie on the partial authentication system. If you call RedirectFromLogonPage then it sets both of cookies. However, if you want to use SetAuthCookie then you need to call it on both the FormsAuthentication and PartialAuthentication classes.

]]> Comment on Secure Persistent ASP.NET Forms Authentication by Chris Green http://btburnett.com/2008/05/secure-persistent-aspnet-forms-authentication.html/comment-page-1#comment-15 Chris Green Mon, 03 Nov 2008 00:24:00 +0000 http://www.btburnett.com/?p=11#comment-15 Brant - thanks for responding...<br/><br/>This is my setup now - blogger wouldn't let me add my code with the forms tags.<br/><br/> authentication mode="Forms"<br/> forms name="app1" <br/> slidingExpiration="false" <br/> protection="All" <br/> cookieless="UseCookies" <br/> timeout="20" <br/> loginUrl="/ssl/Login.aspx" <br/> path="/" <br/> defaultUrl="Default.aspx"<br/> /forms<br/> /authentication<br/><br/>PartialAuthenticaionSystem<br/><br/>partialAuthenticationSystem<br/> authentication timeout="172800" name=".ASPXIDENTITY" /<br/> authorization requireSSL="None" requireLogin="false" /<br/> /partialAuthenticationSystem<br/><br/>I have a login control OnLoggedIn event set to this<br/> protected void Login1_LoggingIn(object sender, EventArgs e)<br/> {<br/> <br/> PartialAuthentication.SetAuthCookie(this.Login1.UserName, false);<br/><br/> }<br/><br/>I am still losing the Context once I leave https - requireSSL is not set for either. Brant – thanks for responding…

This is my setup now – blogger wouldn’t let me add my code with the forms tags.

authentication mode=”Forms”
forms name=”app1″
slidingExpiration=”false”
protection=”All”
cookieless=”UseCookies”
timeout=”20″
loginUrl=”/ssl/Login.aspx”
path=”/”
defaultUrl=”Default.aspx”
/forms
/authentication

PartialAuthenticaionSystem

partialAuthenticationSystem
authentication timeout=”172800″ name=”.ASPXIDENTITY” /
authorization requireSSL=”None” requireLogin=”false” /
/partialAuthenticationSystem

I have a login control OnLoggedIn event set to this
protected void Login1_LoggingIn(object sender, EventArgs e)
{

PartialAuthentication.SetAuthCookie(this.Login1.UserName, false);

}

I am still losing the Context once I leave https – requireSSL is not set for either.

]]> Comment on Secure Persistent ASP.NET Forms Authentication by Brant Burnett http://btburnett.com/2008/05/secure-persistent-aspnet-forms-authentication.html/comment-page-1#comment-14 Brant Burnett Thu, 30 Oct 2008 16:08:00 +0000 http://www.btburnett.com/?p=11#comment-14 Chris,<br/><br/>The partial authentication system uses forms authentication as its backbone, so that setting is correct. My first guess would be that you have RequireSSL set on your forms authentication. You should not have this set. This setting affects the basic forms authentication cookie, which you want to always transmit even over HTTP. The extra cookie created by the partial authentication system will require SSL regardless of this setting, so you'll still be secure. If this doesn't help let me know.<br/><br/>Brant Chris,

The partial authentication system uses forms authentication as its backbone, so that setting is correct. My first guess would be that you have RequireSSL set on your forms authentication. You should not have this set. This setting affects the basic forms authentication cookie, which you want to always transmit even over HTTP. The extra cookie created by the partial authentication system will require SSL regardless of this setting, so you’ll still be secure. If this doesn’t help let me know.

Brant

]]> Comment on Secure Persistent ASP.NET Forms Authentication by Chris Green http://btburnett.com/2008/05/secure-persistent-aspnet-forms-authentication.html/comment-page-1#comment-13 Chris Green Mon, 27 Oct 2008 05:24:00 +0000 http://www.btburnett.com/?p=11#comment-13 Brant - Very good post.<br/><br/>Do you have any examples of how to use PartialAuthentication static class to login and logout?<br/><br/>I am not sure if I am setting things right. When I check the AuthenticationType it is "Forms". <br/><br/>I am still lossing the Context when switching back to http which I assume it is supposed to be populated by the insecure cookie... Brant – Very good post.

Do you have any examples of how to use PartialAuthentication static class to login and logout?

I am not sure if I am setting things right. When I check the AuthenticationType it is “Forms”.

I am still lossing the Context when switching back to http which I assume it is supposed to be populated by the insecure cookie…

]]> Comment on Monitoring a WCF Service Host by Brant Burnett http://btburnett.com/2008/10/monitoring-a-wcf-service-host.html/comment-page-1#comment-12 Brant Burnett Tue, 14 Oct 2008 14:26:00 +0000 http://www.btburnett.com/?p=24#comment-12 That is correct, you can't just reopen the channel. That's why I'm using a delegate back to recreate the host whenever it needs to be reopened. That is correct, you can’t just reopen the channel. That’s why I’m using a delegate back to recreate the host whenever it needs to be reopened.

]]>