Hi
I have 2 MVC sites on a shared hosting environment. The first one works fine and I can log on and use the membership provider etc.. no problems. A second site can see the database and retrieve other (site specific) data on its pages. However when I try to log in I simply get a page refresh - no error messages with invalid UC/PW, and no succesful log on with good credentials, for example.
One further piece of info (may be a red herring) is that the first domain has the database declared within its control panel (using Plesk) - but the second one has no reference to it within the domain - however the hosting company have assured me that simply using the same connection string will work. And it does to retreive the site-specific data.
cheers
tm, Leeds UK
For anyones interest . .
It seems that because the site was still in preview, forms don't work until you actually put live.
Hosting is with Storm Internet
Related
I've been tasked with maintaining a DNN site that has been running for a while, so I copied it to my local development environment to get up to speed on the setup. I have the site up and running locally, and I can browse all (I think) of the pages. It seems to display correctly and yesterday, the DNN login worked correctly. However, today, when I try to login to manage changes, I enter my username and password on the login page, but it does not actually log in. On screen, all that seems to happen is that the password field clears. No error message displays. In my Firebug console, the only error message that appears is "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen." Again, yesterday, I was able to log in and get to all of the DNN management features -- I changed skins, modified CSS, changed code, etc. I've tried multiple logins (host, superuser, and regular user) -- all have the same result.
I don't see anything in the database EventLog, except for a startup record.
I saw a couple of other SO posts tangentially related to failed DNN logins on development environment, and checked that Form Authentication is Enabled in IIS and the security for the site folders are set correctly and the folder is not read-only.
I generally use Firefox for development, but I also tried IE. I'm certain I'm missing sometime obvious, but it has me stumped. Ideas? I'm new to DNN, so I'm not up to speed yet on the best practices for debugging. Any other suggestions would be welcome.
Some details: Live site is SQL Server 2008; Dev is SQL Server 2012. Both sites use IIS 7. Dev is DNN 7.2.2. Locally, I'm using VS 2010 for development.
Couple of things to check.
1) Check to make sure your database connection strings (2 of them) in the web.config are both pointing to your local database.
2) Check to make sure the MachineKey values in the web.config still match the values in the production web.config
3) You might turn off SSL on the site, though you'll have to do that in the database as you can't get logged in. I believe you can likely just set Secure to 0 on all of the Tabs table records, but you might need to track down a HOST setting as well to make this work (hostsettings table)
An update. I was able to get this to work by using a different user account. I'm still not sure what the root of the problem was, but I believe it was related to specific settings on my particular user account. I used a generic 'admin' account, and was able to make it work.
Im experiencing the same issue, I think its something to do with the the .dotnetnuke cookie
I have two applications in my workspace, APP 1 and APP 2.
In my case, user will log in to APP 1. from there, i put a menu(or a link) to APP 2. however APP 2 requires authentication. So it will take me to a login page. i would like to eliminate that and get the current user's credentials on APP 1 and login to APP 2.
i'm looking for a simple straightforward method (but need to consider security) to login to APP 2.
what i could think of is apex_collection..i could store credentials n use it to create a login process for APP 2. however apex_collection is session based. eventhough i've set session for APP 2, it still wont read values from my apex_collection.
Does anyone have a suggestion or a solution?
All you need to do is use the same authentication scheme in both applications and set the cookie name attribute to the same value in both authentication schemes like this:
APEX will then use the same session across the two applications and the user will not have to log in again when they navigate from one to the other, provided of course that you pass the SESSION_ID in the URL.
A Few Comments on Default APEX Workspace Authentication Security
It may also be helpful to expand on an explanation of why the solution posted by #TonyAndrews works.
For any Apex Apps within the same workspace, if they use the default "APEX Application Authentication" method, they will consult the same authentication user list... so USER1 and its password is a valid login for any of the "neighboring" applications...
This may be a concern if you are hosting different clients or users that should not be intermingling with the other applications. You can also define user GROUPS in the same place as you set up each workspace user. Each application can have its own security filter that permits access by membership of BOTH user/password authentication AND membership in the appropriate access group.
Sharing workspaces may also be a problem because of the unique user name restriction of a single workspace. You can get around that by:
Defining different name-spaces for each application:
Email addresses are good: "someuser#sampledomain.com"
An app id prefix such as: SHOP_EDNA, SHOP_GARRETT, TC_KAREN, TC_MARLOWE, MY_BORIS etc.
Different name styles: first name only, first name + last initial, etc.
To keep things simple, you can always just spin up a brand new workspace: a warning however is that common user names like `ADMIN` are NOT the same between separate workspaces. There shouldn't be much concern however because apps or workspace users may have the same or different schema access privileges to the database back end.
A Word of Caution to Administrators and Developers:
When you go live with an application or multiple applications on a user-facing system, keep in mind the deployment destination (i.e., the workspace) and what else is sharing that workspace. There are some real situations where apps are not intended to be shared or accessed by other "inside" users. Be sure to read up and understand the security constraints and methods of using Default Apex Authentication security so that it's more than luck that protects your own production/live deployed applications.
I do have the similar requirement, linking from one application page to another.
Tried the above mentioned solution, but still asking to login to second application. My Apex ver is 5.0.3 and trying in same workspace.
Created new authentication schemes for each app with same cookie name and set them as current authentication. Scheme type are Application express accounts.
Setting the link as below from first app page to second.
href="http://servername:port/apex/f?p=224:2:&APP_SESSION"
Could anyone provide a solution, please?
Just an update on this.
I am currently using v21.2 and this is how I do it:
In both applications, go to Shared Components > Authentication Schemes > (Select your Auth Scheme);
Scroll down to Session Sharing and select 'Workspace Sharing';
In one of the applications (source), create a link (as a Navigation Bar List entry, for example) like f?p=173:1:&SESSION., where 173 is the target application ID and 1 is the target page.
After some research, I've found out that this feature (Session Sharing Type) is available since v18 of APEX.
This might be a very stupid question but I'll try it anyway. We currently have our company website TeamDeals Energie Collectief running on Drupal and next to that we have an access database with all our customer info. We would like to automatically import submitted forms from the website into our database. The problem is we have no idea if and how this could be accomplished.
You can setup a view exporting your form results in CSV (you can configure your view so it fetches only last days submissions or something like that) with drupal.org/project/views_data_export, set a URL to this view, and have a daily cron job on your remote system (hosting your access database) like "wget http://www.teamdeals.nl/path_to_your_csv_view". Maybe not very clean but it works (I saw this once).
You might have problems trying to get form submissions from a view. Assuming you're using webforms, have a look to this post.
You can (should ?) restrain your CSV view URL access to a IP array (on your view : Page settings -> Access permission -> PHP code :
return in_array($_SERVER['REMOTE_ADDR'], array('your.remote.server.ip'));
).
I repeat, there is certainly a better / more secure solution, but it might be a starting point.
I have a problem on my silverlight application.
I login in my application using my ID (assume x) (using Internet explore 8),
so assume i can see some reports which is releated to my ID.
Without closing the above browser in another Internet explore 8 in the same machine i am login into the
same application using another ID(assume y), so now i can see 2nd set of reports which is related to this ID.
Now If i refresh the report page of the first browser which is got logged with the ID (x), I am seeing the (y)
userid's report not the earlier.
How to fix this?
Thanks
In internet explorer choose "New Session" from the "File" menu. This will create a new IExplore.exe process tree which manages its own set of session level cookies. This should allow you to maintain two separate logins at the same time.
Sounds like you are using the ASP membership provider... if so that is limited to 1 session per browser/user on the same PC (same limitation if it was a web app).
Why are you trying to login 2 different users from the same machine? If it is for testing you can probably open two different browsers (IE and FireFox?) and get two session that way.
Update (based on comments below):
Option A. As you need multiple user logins on the same machine in the same browser type, you cannot use the asp membership provider and will have to replace that provider with a Silverlight-specific credential/login system.
Option B. The alternative is to change your application to allow selection of client from within the app (this would be my choice as you are misusing users as a convenience).
I have a PerformancePoint dashboard running in MOSS 2007 portal. The dashboard consists of one SSRS 2005 report, running in SharePoint Integrated mode.
NT Authority\Authenticated Users have read permissions to the report library containing the SSRS report, the dashboard, and the report library containing the dashboard.
Users that attempt to access the dashboard receive the following error message:
The permissions granted to user
'DOMAIN\firstname.lastname' are
insufficient for performing this
operation. (rsAccessDenied)
Users that then click on the direct link to the report in MOSS will see the report with no problem. Subsequent visits to the dashboard show the report with no problem.
The report is using a data source that is located one folder up from the report location. The report has been updated to point to the correct shared data source after deployment. Both the report and the data source have been published. The data source is using stored credentials, with a domain service account that has been set to Use as Windows credentials. This service account is serving other reports in other areas with no problem.
Edit:
Ok, I've gotten a lot more information on this problem. The request is never actually being made to the data source. The user comes in to the dashboard and requests a report for the first time using their kerberos token identifying themselves. The report looks in the Report Server database and finds that they are not listed in the users table and generates this rsAccessDenied error. Once they view the report directly their name is in this table and they never have the problem again.
Unfortunately, removing the user from the Users table in the RS database doesn't actually cause this error to happen again.
Everything I've read says that when you run a Report Server in MOSS integrated mode all your permissions are handled at the MOSS report library level, and all Auth users have permissions to the report library, as stated earlier. Any ideas?
It sounds like the dashboard page is not passing credentials to the report server. Because you stated if the user hits the report directly it works and then if they go through the dashboard it works. So does it stop working after a certain period, indicating a cached session?
I would look carefully at the properties on the dashboard in performance point to see if it is passing credentials or trying to use anonymous. I hope this isn't a case of double hop and Kerberos :(
I'm not sure if this is actually the same issue, but you could double check that the data sources are set to "Approved", not "Pending". It's a stretch, but it's worth a shot.
I implemented a work-around:
created a fake report
on the page with my report, created a content editor web part consisting of the following:
<iframe style="display:none;" src="https://link/to/my/report.rdl"></iframe>
I tested with another user that was experiencing the error, and they are no longer experiencing the error with my new and improved page.
I know this is a kludgy, and might even be dependent on the loading order of the page. Therefore, I would really like to find out what's causing this issue so I can fix it for good.
Edit:
I don't want to accept my own answer, since it's just a work-around. If anyone can post anything relevant to the user name placed into the Report Server DB and how that relates to SharePoint Integrated mode, you'll get the bounty.