|
-
Oct 24th, 2009, 10:09 AM
#1
Want to have a page that doesn't really require LOGIN
I've got a customer site - an HTTPS: site. Their clients login to this site and upload and download documents - all nice and secure.
Now - we want to have vendor's submit applications on this site.
Initially it's going to be used kiosk-style - at a tradeshow - vendors will sit and fill in the application. Obviously the site is still remote from this kiosk setting.
We don't want this page to timeout and go back to the login page.
I found this in the web.config
Code:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" timeout="600" name="CaseFileDownloader"
requireSSL="false" slidingExpiration="true" defaultUrl="Clients/ClientHome.aspx"
cookieless="UseCookies" enableCrossAppRedirects="false"/>
</authentication>
<authorization>
<allow users="*"/>
<allow users="?"/>
</authorization>
and then went to read this
http://msdn.microsoft.com/en-us/library/aa480476.aspx
About halfway down my eyes glazed over 
So - is this possible?
Right now to get to the vendor application page you do have to put a un/pw. My thinking was that the staff at the tradeshow would simply login the laptop to the vendor application page and people would sit and fill in the page - hit submit.
What can I do to make it so that after a timeout - with iis killing the session (I guess?)...
That you are not required to login to the site again.
How do I make this single page not require a logged in state?
This is the whole of the VB code behind the SUBMIT button on that page
I am filling a session variable - I don't need to do this. The FINISHAPP.ASPX "thank you" page doesn't really need to display anything other then the THANK YOU. The session variable with the "added vendor" id was really just for my debugging purposes...
Code:
Protected Sub SubmitProject_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles SubmitProject.Click
SaveVendor()
End Sub
Protected Sub SaveVendor()
Try
Using dcn As New SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings("LocalSQLServer").ToString)
Using cmd As New SqlCommand
Dim topd As Boolean = False
Dim popd As Boolean = False
For i As Integer = 1 To 5
Dim lfrom As String = DirectCast(FindCtl("LanguageFrom" & i.ToString), DropDownList).SelectedValue
Dim lto As String = DirectCast(FindCtl("LanguageTo" & i.ToString), DropDownList).SelectedValue
Dim trate As String = DirectCast(FindCtl("TRate" & i.ToString), TextBox).Text
Dim prate As String = DirectCast(FindCtl("PRate" & i.ToString), TextBox).Text
Dim irate As String = DirectCast(FindCtl("IRate" & i.ToString), TextBox).Text
Dim DidSave As Boolean = False
If trate <> "" Then
topd = True
DidSave = True
End If
If prate <> "" Then
popd = True
DidSave = True
End If
If trate <> "" Then
DidSave = True
End If
If Not DidSave Then
If lfrom <> "" Or lto <> "" Then
topd = True
DidSave = True
End If
End If
Next
Session("VendorId") = ""
cmd.CommandType = CommandType.StoredProcedure
cmd.CommandText = "dbo.wspAddVendor_P"
Dim tflag As String = ""
Dim pflag As String = ""
Dim iflag As String = ""
If TranslationChk.Checked Then tflag = "Y"
If ProofreadingChk.Checked Then pflag = "Y"
If InterpretationChk.Checked Then iflag = "Y"
Dim gc As String = GeneralCmnt.Text
If TranslationOutputDay.Text <> "" Then
If Not topd Then
gc = gc & Environment.NewLine & "Translation Output Per Day: " & TranslationOutputDay.Text
End If
End If
If ProofreadingOutputDay.Text <> "" Then
If Not popd Then
gc = gc & Environment.NewLine & "Proofreading Output Per Day: " & ProofreadingOutputDay.Text
End If
End If
cmd.Parameters.AddWithValue("@FName", FName.Text)
cmd.Parameters.AddWithValue("@LName", LName.Text)
cmd.Parameters.AddWithValue("@Company", Company.Text)
cmd.Parameters.AddWithValue("@EMail1", EMail1.Text)
cmd.Parameters.AddWithValue("@MAddress1", MAddress1.Text)
cmd.Parameters.AddWithValue("@MCity", MCity.Text)
cmd.Parameters.AddWithValue("@MState", MState.Text)
cmd.Parameters.AddWithValue("@MZip", MZip.Text)
cmd.Parameters.AddWithValue("@MCountry", MCountry.Text)
cmd.Parameters.AddWithValue("@Phone1", Phone1.Text)
cmd.Parameters.AddWithValue("@Phone2", Phone2.Text)
cmd.Parameters.AddWithValue("@Phone3", Phone3.Text)
cmd.Parameters.AddWithValue("@Fax", Fax.Text)
cmd.Parameters.AddWithValue("@FrmtFlag", FrmtFlag.SelectedValue)
cmd.Parameters.AddWithValue("@HandFlag", HandFlag.SelectedValue)
cmd.Parameters.AddWithValue("@NativeLang", NativeLang.SelectedValue)
cmd.Parameters.AddWithValue("@TranslationFlag", tflag)
cmd.Parameters.AddWithValue("@ProofreadingFlag", pflag)
cmd.Parameters.AddWithValue("@InterpretationFlag", iflag)
cmd.Parameters.AddWithValue("@PatentFlag", PatentFlag.SelectedValue)
cmd.Parameters.AddWithValue("@CertificationsCmnt", CertificationsCmnt.Text)
cmd.Parameters.AddWithValue("@EducationCmnt", EducationCmnt.Text)
cmd.Parameters.AddWithValue("@ReferencesCmnt", ReferencesCmnt.Text)
cmd.Parameters.AddWithValue("@ExperienceCmnt", ExperienceCmnt.Text)
cmd.Parameters.AddWithValue("@WebSiteLink", WebSiteLink.Text)
cmd.Parameters.AddWithValue("@GeneralCmnt", gc)
cmd.Connection = dcn
dcn.Open()
Dim x As String = cmd.ExecuteScalar().ToString
cmd.Dispose()
For i As Integer = 1 To 5
Dim lfrom As String = DirectCast(FindCtl("LanguageFrom" & i.ToString), DropDownList).SelectedValue
Dim lto As String = DirectCast(FindCtl("LanguageTo" & i.ToString), DropDownList).SelectedValue
Dim trate As String = DirectCast(FindCtl("TRate" & i.ToString), TextBox).Text
Dim prate As String = DirectCast(FindCtl("PRate" & i.ToString), TextBox).Text
Dim irate As String = DirectCast(FindCtl("IRate" & i.ToString), TextBox).Text
Dim DidSave As Boolean = False
If trate <> "" Then
SaveVenCap(dcn, x, "Translation", lfrom, lto, trate, TranslationOutputDay.Text)
DidSave = True
End If
If prate <> "" Then
SaveVenCap(dcn, x, "Proofreading", lfrom, lto, prate, ProofreadingOutputDay.Text)
DidSave = True
End If
If trate <> "" Then
SaveVenCap(dcn, x, "Consulting", lfrom, lto, irate, "")
DidSave = True
End If
If Not DidSave Then
If lfrom <> "" Or lto <> "" Then
SaveVenCap(dcn, x, "Translation", lfrom, lto, "* Left Blank", TranslationOutputDay.Text)
DidSave = True
End If
End If
Next
Try
Using cmd2 As New SqlCommand
cmd2.CommandType = CommandType.StoredProcedure
cmd2.CommandText = "dbo.wspAddVenSpec_P"
cmd2.Parameters.AddWithValue("@VendorId", x)
cmd2.Parameters.AddWithValue("@Specialty", "")
cmd2.Connection = dcn
For Each lsi As ListItem In ExpertiseCBL.Items
If lsi.Selected Then
cmd2.Parameters(1).Value = lsi.Text
Dim x2 As String = cmd2.ExecuteScalar.ToString
End If
Next
End Using
Catch ex As Exception
End Try
ClearPage()
Session("VendorId") = x
Response.Redirect("~/Vendors/FinishApp.aspx")
End Using
End Using
Catch ex As Exception
End Try
End Sub
-
Oct 24th, 2009, 10:24 AM
#2
Re: Want to have a page that doesn't really require LOGIN
Hey,
Ok, let me see if I have this right.
You have a page that is protected via a login, that you want people to be able to access, without having to supply a user name and password. Is that about the stretch of it?
If so, why not take this form out of the password protected section of your site. Make it available to any anonymous user.
If this approach won't work, then you might want to think about extending the session timeout to a very high number, so that the session never expires.
Gary
-
Oct 24th, 2009, 03:23 PM
#3
Re: Want to have a page that doesn't really require LOGIN
Do I just put it at the top level with the LOGIN.ASPX page? And then put a button on the LOGIN.ASPX page that re-directs to this page - with them leaving the un/pw blank? Will that work?
Or does the session still timeout.
-
Oct 24th, 2009, 06:33 PM
#4
Re: Want to have a page that doesn't really require LOGIN
I was asked to login sales reps all day OR they logged in once in the morning and it didn't time out for many hours. To get this to work I did 2 things.
1. set the web.config like
Code:
<authentication mode="Forms">
<forms timeout="1000" loginUrl="abc.aspx" name=".abcAUTH" />
</authentication>
2. manually create the auth cookie to set the 1000 minute timeout
Code:
' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(1000), True, userData_anyXtraData)
' Now encrypt the ticket.
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)
' Create a cookie and add the encrypted ticket to the cookie as data.
Dim authCookie As HttpCookie = New HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
' Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie)
' Redirect the user to the originally requested page
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, True))
Just setting the web.config alone didn't work, I don't know why.
Last edited by brin351; Oct 24th, 2009 at 06:35 PM.
Reason: correction
-
Oct 24th, 2009, 06:38 PM
#5
Re: Want to have a page that doesn't really require LOGIN
Thank you - I'll try that. The link at MSDN talked about the auth cookie...
-
Oct 24th, 2009, 06:50 PM
#6
Re: Want to have a page that doesn't really require LOGIN
I had to manual create the auth cookie for a different project and when the long timeout request was made fortunately I had an idea of how to get it to work. It would be nice if the web.config <forms timeout="1000" .. actually did what it appears to state because it's not clearly documented how to set forms auth timout.
-
Oct 25th, 2009, 10:11 AM
#7
Re: Want to have a page that doesn't really require LOGIN
Hey,
It is not actually the sessionState property in the web.config file that you need to change?
http://msdn.microsoft.com/en-us/libr...z9(VS.71).aspx
Gary
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
