Stack Overflow
Stack Overflow

Questions tagged [.aspxauth]

Cookie generated by remote server that identifies the user and allows authentication to the server. The contents of the cookie is signed and encrypted.

Cookie generated by remote server that identifies the user and allows authentication to the server. The contents of the cookie is signed and encrypted.

More: what is ASPXAUTH cookie?

64 questions
30
votes
19 answers

User.IsInRole doesn't work

I have ASP.NET MVC 4 application. I use Simple Membership Provider allowing to tick remember me checkbox under login form. If ticked, persitent cookie .ASPXAUTH is created which expires 100 days from login date. And everything works fine, apart of…
Bartosz
  • 4,542
  • 11
  • 43
  • 69
9
votes
3 answers

Trying to connect to ASPX site using CURL?

I am trying to log into this url: http://www.kalahari.com/marketplace/default.aspx The two fields that are being submitted are…
rockstardev
  • 13,479
  • 39
  • 164
  • 296
8
votes
1 answer

What is the content of ASP.NET FormsAuthentication cookie value?

What is the content of ASP.NET FormsAuthentication cookie value? How can I see the real value of the hashed string (in case that I have the decrypted key)?
stacker
  • 14,641
  • 17
  • 46
  • 74
7
votes
2 answers

Simplemembership ASPXAUTH cookie validating on two separate web projects

I am working on an ASP.NET MVC4 project using SimpleMembership, which generates an ASPXAUTH cookie when you are logged in. It seems to be working just fine, but then today I opened up another MVC4 project, only to notice that I was already logged…
Ron Penton
  • 1,511
  • 1
  • 12
  • 24
5
votes
1 answer

Penetration testers say that the .ASPXAUTH cookie is insecure and is displaying session data?

I thought the .ASPXAUTH was for user authentication? Can anyone confirm if this cookie is indeed a security risk and/or contains session information? Is it even suppose to be used or is it some debug thing?
MetaGuru
  • 42,847
  • 67
  • 188
  • 294
4
votes
2 answers

Public ASPXAUTH cookie and security

Due to a bug in Flash, I have to use the ASPXAuth cookie to log a user in on a page that a flash upload script calls after upload. See this page for more information: Link I have to make the ASPXAUTH string "public" in the sense that it will be in…
Bara
  • 1,113
  • 6
  • 18
  • 28
3
votes
1 answer

Expire ASPXAUTH Cookie when browser closes

I'm creating an ASPXAUTH cookie by using the following code var authTicket = new FormsAuthenticationTicket(2, model.Name, DateTime.Now, DateTime.Now.AddMinutes(ConfigSettings.SessionTimeout), false, result.UniqueId.ToString()); …
keitn
  • 1,288
  • 2
  • 19
  • 43
3
votes
1 answer

MVC 4 Chrome requires user to log in twice

This is a really annoying issue and i don't know where to start to look to resolve it. This issue does not happen when i run the code locally, only when i run it on the live environment. I know i am missing something, and its probably obvious i just…
KevDevMan
  • 808
  • 11
  • 23
3
votes
1 answer

Webclient.DownloadFile() .aspx file won't open

I'm using powershell for the first time. I've learned how to download files using a webclient, using the following code. $client = New-Object System.NET.Webclient $client.DownloadFile( $url, $path ) This seems to work nicely for what I am trying to…
Johnny Flowers
  • 41
  • 2
  • 3
3
votes
2 answers

How can I maintain .aspxauth session cookie between website and virtual app?

We have our production website in .net and a third party web app that runs as a virtual application from the website. I have been tasked with maintaining the session time out between the website and the third party app. i.e. as long as the user is…
Brian
  • 2,229
  • 17
  • 24
3
votes
2 answers

Set / update expiration on aspxauth and asp.net_sessionid cookies

I am wondering if there is a way you can setup your .NET application to set and update the expiration time of the aspxauth and asp.net_sessionid cookies in the browser? From what I see, the cookies' expiration dates are something like 1/1/0001…
rusty
  • 499
  • 1
  • 5
  • 19
2
votes
1 answer

iOS AFNetworking - ASP.NET Web API .ASPXAUTH storage and deletion

I'm using the AFNetworking Framework for iOS. I've subclassed AFHttpClient and are using it as a singleton, i.e. [TestAFClient sharedClient] I'm consuming an ASP.NET Web Service API that requires the use of the .ASPXAUTH cookie. First I have to…
Robby Cohen
  • 497
  • 6
  • 21
2
votes
2 answers

Web.config and MySQL Issues.

Long and short my machine had issues and I had to rebuild it. I reinstalled all my software and put my project backups back on the machine. I have been trying to solve SQL connect issues that I just can't get around. So after going through many…
StephanM
  • 733
  • 3
  • 22
  • 36
2
votes
1 answer

ASPXAUTH cookie issue in Azure AD login

I have using azure AD login option for office 365, I am using 2 separate client applications in my Azure AD for my production and development site, like below, production: https://samples@company.com (secured site) development:…
Nagaraj M
  • 480
  • 3
  • 17
2
votes
1 answer

How to check if .ASPXAUTH cookie exists with javascript

I have a strange problem. I want to check if .ASPXAUTH cookie exists with javascript. I do it like this: authx = document.cookie.indexOf(".ASPXAUTH" + "="); and the 'authx' value is always -1. But if I tray to find some other cookie like: foo =…
dani
  • 469
  • 3
  • 12
  • 23
1
2 3 4 5