|
The login screen comes up contiously even after I give my credencials. It just comes for three times and shows me 401. Error message.
I don't think it has anything to do with my local IE as it works OK when we furnish the admin login of the server when it prompts for username and password
I guess it is something to do with iis trying to access some folder.
We gave everyone access to the physical folder for all the users but still no luck
|
|
|
|
|
It's not seeing your Active Directory. It's working with a local user on the IIS box, right? When you try it with users that aren't local users on that computer, it fails. The "asking three times and giving a 401" is known behavior for when the login is failing. In your case, it's the login itself that is failing, nothing in your code. If the login worked and the application had trouble, you would see a yellow screen of death exception or your custom error page.
SO, I think it's just not able to authenticate AD users - does it work with other LOCAL users on the machine?
Try this article - it's a little more complicated than what you said you did.
Using AD with ASP.Net[^]
Also, remember that "impersonation=true" means that once a user is authenticated, they "impersonate" the ASP.Net user. If you want things to run under the actual user's context then you make impersonation=false. From your first post, I can't tell which method you're trying to do.
|
|
|
|
|
This is what i got as a response in fiddler.
No Proxy-Authorization Header is present.
Authorization Header is present: NTLM
4E 54 4C 4D 53 53 50 00 03 00 00 00 18 00 18 00 NTLMSSP.........
88 00 00 00 88 01 88 01 A0 00 00 00 06 00 06 00 ..... .......
58 00 00 00 0E 00 0E 00 5E 00 00 00 1C 00 1C 00 X.......^.......
6C 00 00 00 00 00 00 00 28 02 00 00 05 82 88 A2 l.......(....¢
06 01 B1 1D 00 00 00 0F 1F 64 08 E3 8A A9 CC 7B ..±......d.ã©Ì{
7E C9 ED 3D FB CD A2 7E 45 00 55 00 52 00 41 00 ~Éí=ûÍ¢~E.U.R.A.
44 00 43 00 58 00 50 00 38 00 38 00 4C 00 45 00 D.C.X.P.8.8.L.E.
31 00 31 00 4E 00 49 00 4D 00 42 00 38 00 56 00 1.1.N.I.M.B.8.V.
57 00 44 00 53 00 31 00 00 00 00 00 00 00 00 00 W.D.S.1.........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
4F DF A3 72 70 D9 4E 45 4D AA 89 FB 27 90 12 74 OߣrpÙNEMªû'.t
01 01 00 00 00 00 00 00 9D 06 28 57 1A 31 CE 01 .........(W.1Î.
EA BC FB C0 0A 85 32 43 00 00 00 00 02 00 06 00 ê¼ûÀ.
2C........
45 00 55 00 52 00 01 00 18 00 57 00 51 00 56 00 E.U.R.....W.Q.V.
53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 S.P.A.V.Y.D.M.0.
36 00 04 00 22 00 65 00 75 00 72 00 2E 00 62 00 6...".e.u.r...b.
6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
2E 00 6E 00 65 00 74 00 03 00 3C 00 57 00 51 00 ..n.e.t...<.W.Q.
56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 V.S.P.A.V.Y.D.M.
30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 0.6...e.u.r...b.
6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
2E 00 6E 00 65 00 74 00 05 00 1A 00 62 00 6E 00 ..n.e.t.....b.n.
79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 y.m.e.l.l.o.n...
6E 00 65 00 74 00 07 00 08 00 9D 06 28 57 1A 31 n.e.t......(W.1
CE 01 06 00 04 00 02 00 00 00 08 00 30 00 30 00 Î...........0.0.
00 00 00 00 00 00 00 00 00 00 00 20 00 00 84 8F ........... ..
59 77 D7 C1 7F B3 48 CF 72 EA AC F3 10 C6 3D 7D Yw×Á³HÏrê¬ó.Æ=}
86 0E DA D2 F5 8B D3 DF D5 FB 9C F1 72 C0 0A 00 .ÚÒõÓßÕûñrÀ..
10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 09 00 46 00 48 00 54 00 54 00 50 00 2F 00 ....F.H.T.T.P./.
77 00 71 00 76 00 73 00 70 00 61 00 76 00 79 00 w.q.v.s.p.a.v.y.
64 00 6D 00 30 00 36 00 2E 00 65 00 75 00 72 00 d.m.0.6...e.u.r.
2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 ..b.n.y.m.e.l.l.
6F 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 00 00 o.n...n.e.t.....
00 00 00 00 00 00 00 00 ........
-[NTLM Type3: Authentication]------------------------------
Provider: NTLMSSP
Type: 3
OS Version: 6.1:7601
Flags: 0xa2888205
Unicode supported in security buffer.
Request server's authentication realm included in Type2 reply.
NTLM authentication.
Negotiate Always Sign.
Negotiate NTLM2 Key.
Target Information block provided for use in calculation of the NTLMv2 response.
Supports 56-bit encryption.
Supports 128-bit encryption.
lmresp_Offset: 136; lmresp_Length: 24; lmresp_Length2: 24
ntresp_Offset: 160; ntresp_Length: 392; ntresp_Length2: 392
Domain_Offset: 88; Domain_Length: 6; Domain_Length2: 6
User_Offset: 94; User_Length: 14; User_Length2: 14
Host_Offset: 108; Host_Length: 28; Host_Length2: 28
msg_len: 552
Any ideas please?
|
|
|
|
|
That doesn't really tell you anything useful, only what kinds of requests are possible. This is a security process - it is deliberately designed to be hard to figure out. I can't really help beyond the article I posted. You need to look at every tiny little detail in that article and make sure you have it right. Security systems are designed to fail if any tiny little thing is wrong, and you're running into some little problem in your setup somewhere. That article should be able to tell you what it is, but you're going to have to take a couple days maybe and look at it in detail.
|
|
|
|
|
Thanks for taking the time to read through this.
My department is the sponsor of an internal Asp.Net app (.aspx format) that selected people use to provide details on proposed projects. In the beginning stages of the project they log in to the app, create a record for the new project, and download an Excel file (.xlsx format) from the webpage for entering the project's budget. When they're done they can click a button to upload the file to the server. This has all worked fine for 3 years, mechanically, but the Excel file is really rudimentary and doesn't give management sufficient detail about the projects.
Now we've created a more robust budget file in Excel, but it absolutely relies on macros. We've heard some rumblings from the .Net programmers that the app may not be able to handle an xlsm file format due to innate Asp.Net security around Office documents that contain VBA code.
Anybody have any first hand knowledge about this? I'm just looking for an answer of the sort 1) no problem at all, 2) can't be done, no way around it, 3) it can be done without too much brain damage, or 4) it's going to take a real pro a lot of time to do it.
Thanks again
|
|
|
|
|
Hmm: take a look at VSTO[^] - might be of help.
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Thanks Mark, but I think VSTO doesn't apply here. We don't need to do anything more to the new Excel file.
It's more a question of whether there is anything in ASP.Net itself that would prohibit it from either serving a macro file to a user or allowing the user to upload the completed file with macros to the server
|
|
|
|
|
Not that I can think of: it's just a file: asp.net doesn't care about what's inside it if all you do is download/upload.
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
The problems are on the user's end... when you download a file with macros, it will come up with a security warning - but as I said below, users never read those anyway - they won't even notice it.
|
|
|
|
|
That stuff sounds too important to be using Excel for it?
YES, it can be done, but it depends on how the file is being created. If you're inserting data into an Excel sheet that already has the macros and formulas, then it's possible, and actually better to do directly in Excel than to use Office Interop and create the file with ASP then send it to the user. Just create an Excel sheet that downloads its data from the database.
http://office.microsoft.com/en-us/excel-help/connect-to-import-sql-server-data-HA010217956.aspx[^]
Using Office Interop to create the Excel sheet and send it back to the user doesn't have any security problems you can't get around. Users will have to confirm some dialog boxes, which they never read anyway. However, the Office Interop stuff falls into category 4 - it's hard to do to begin with, and very hard to maintain. I'll send you some of my Interop code if you want to see - it's explicit, ugly, verbose, hard-coded stuff. (now, that was a few years ago, so it might be better now, but I doubt it)
To test your security, you might want to just put a file up there that has the features you want, and give some users the link to it. Downloading it from IIS as a file should be almost the same as streaming it back from a page.
Still, this sounds like a horrible way to manage budgets! Teach these folks about accounting software and reporting tools and get them out of your hair!
|
|
|
|
|
Hi,
I need to create MS Excel file from DataTable in ASP.NET application. I don't need "SaveAs" dialog. Just create a file and save them to some folder.
I've searched the internet and found some examples how to do that by using Microsoft Excel Interop library. But, I can't use Excel Interop library. Is there any other way to do it?
Thank you in advance.
Goran
|
|
|
|
|
|
If you don't need special formatting or formulas then just drop the file as CSV. Excel will open CSV files with or without column names as the first row. Your question doesn't include any requirements that aren't met by a CSV file. And yes, I agree, using the Office Interop stuff is horrifying - I wrote an article about it years ago, and I still get questions on that article today. It's pretty tricky.
|
|
|
|
|
Yes. We can create CSV file instead of XLS. But, there's only one thing that could be a little bit undesired - wizard that opens CSV file. I'm not sure, but I think MS Excel cannot open CSV file directly without using wizard. Is that right?
|
|
|
|
|
Nope. Excel can open a CSV file directly.
|
|
|
|
|
Right, and any of those security dialogs that come up - the users don't even notice that stuff. Even if the conversion wizard does come up, the users probably won't care. They complete those tasks by rote - it's a bad habit really, but it's not a huge interruption to their day. Which is not to say you shouldn't worry about it - it's a legitimate concern, but it's not as big a problem as we sometimes think.
|
|
|
|
|
Hi guys,
I am building a report, in the report i should display 7 site name with check box, and if the report belongs to 1st site that check box should be checked, if the report belongs 2 sites it should check both 1st and 3rd
any help will be appreciated.
Thanks and regards
VISHWA
|
|
|
|
|
Hi,
Basically you are going to print your report. So why don't you create jpg for checked and unchecked display. if report belong to 1st site then display checked jpg in that one and otherwise default one. and for two sites you can change checked jpg for those options.
It will look similar like it is checkbox. I suggest this solution because i do not have idea about checkbox in report. sorry for that.
Thanks
-Amit Gajjar (MinterProject)
|
|
|
|
|
Hi Amit,
Thanks for the reply, I was also thought the same, but not having idea how to make jpg files should be display depends on the condition, so put a question on the form, will try the possible ways,
Thanks and regards
Vishwa
|
|
|
|
|
Your welcome
Thanks
-Amit Gajjar (MinterProject)
|
|
|
|
|
There is a physical html file and I need to traverse through all the html elements in an html file.
And the constraint is I can't use any third party components like HtmlAgilityPack or SuperStarHtml.
I think the best way is to preparing a XmlDocument from the html. But it is erroring out if the html contains any characters like .
Anyone having any idea to resolve this please share with me.
Thanks in advance.
|
|
|
|
|
HTML is not XML; you can't use an XML parser to load HTML.
Why can't you use a third-party component? Writing your own version of HtmlAgilityPack seems like a lot of work to satisfy a "Not Invented Here" philosophy.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I have developed a custom Comment Control using class library file
now i want to use the dll of this file in web application which is developing on MVC Framework
so what are the ways of adding and using this dll in this project
|
|
|
|
|
Are you having trouble with the normal ways? You know, adding the DLL directly as a reference, or adding your whole project and referencing the project?
|
|
|
|
|
I have added dll file in project reference, bin folder as well as bin_deployableAssemblies
now i want use this control in .cshtml file
how can i write syntax for use this control in this file
|
|
|
|