mixed mode authentication + no postbacks

Discussion in 'ASP .Net Security' started by domagoj@community.nospam, May 13, 2008.

  1. Guest

    Hi there

    I implemented a mixed mode authentication as follows:
    main site using forms authentication
    redirector site using windows authentication, creates a forms
    authentication cookie and redirects to main site

    the problem is if i go to the main site everything works fine

    if i go to the redirector site it redirects to the main site ( as
    expected, cookie is generated as expected and in site
    Context.Current.User is set as expected ) but no postbacks occur
    anymore, even if i logout an logon to the main site problem resides, i
    figured out that any "redirector" site protected by windows
    authentication redirecting to my site causes postbacks to not function
    anymore.

    I tried the sample from Microsoft Press Book "Developing More-Secure
    Microsoft® ASP.NET 2.0 Applications" and same thing happened.

    My config Vista SP1 .NET 3.5
    or 2003 R2 .NET 3.5

    Applications are .NET 2.0 applications

    tia dom
     
    , May 13, 2008
    #1
    1. Advertising

  2. Hi tia,

    From your description, you've applied a custom mixed authenitcation in your
    ASP.NET web application,and the windows authentication module will generate
    forms authentication cookie and redirect user to formsauthentication site.
    However, you found that after redirected from windows authenticatino site,
    any page postback operation no longer work, correct?

    If this is the case, I think the behavior is quite unexpected. As for the
    postback not work, do you mean even putting a typical submit button(and
    click it) will not cause page to postback? Or if the client-side browser
    does perform the postback and server-side didn't show any reflection or
    return any response? I'm still not quite sure about the exact result and
    behavior when you go through the redirector module and return to main site
    pages. Is there any particular error message?

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications.

    Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    where an initial response from the community or a Microsoft Support
    Engineer within 1 business day is acceptable. Please note that each follow
    up response may take approximately 2 business days as the support
    professional working with you may need further investigation to reach the
    most efficient resolution. The offering is not appropriate for situations
    that require urgent, real-time or phone-based interactions or complex
    project analysis and dump analysis issues. Issues of this nature are best
    handled working with a dedicated Microsoft Support Engineer by contacting
    Microsoft Customer Support Services (CSS) at
    http://msdn.microsoft.com/subscriptions/support/default.aspx.
    ==================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.


    --------------------
    >Date: Tue, 13 May 2008 08:44:02 +0200
    >From: "" <>
    >User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >MIME-Version: 1.0
    >Subject: mixed mode authentication + no postbacks


    >
    >Hi there
    >
    >I implemented a mixed mode authentication as follows:
    > main site using forms authentication
    > redirector site using windows authentication, creates a forms
    >authentication cookie and redirects to main site
    >
    >the problem is if i go to the main site everything works fine
    >
    >if i go to the redirector site it redirects to the main site ( as
    >expected, cookie is generated as expected and in site
    >Context.Current.User is set as expected ) but no postbacks occur
    >anymore, even if i logout an logon to the main site problem resides, i
    >figured out that any "redirector" site protected by windows
    >authentication redirecting to my site causes postbacks to not function
    >anymore.
    >
    >I tried the sample from Microsoft Press Book "Developing More-Secure
    >Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >
    >My config Vista SP1 .NET 3.5
    >or 2003 R2 .NET 3.5
    >
    >Applications are .NET 2.0 applications
    >
    >tia dom
    >
     
    Steven Cheng [MSFT], May 13, 2008
    #2
    1. Advertising

  3. Guest

    Steven Cheng [MSFT] wrote:
    > Hi tia,
    >
    > From your description, you've applied a custom mixed authenitcation in your
    > ASP.NET web application,and the windows authentication module will generate
    > forms authentication cookie and redirect user to formsauthentication site.
    > However, you found that after redirected from windows authenticatino site,
    > any page postback operation no longer work, correct?
    >
    > If this is the case, I think the behavior is quite unexpected. As for the
    > postback not work, do you mean even putting a typical submit button(and
    > click it) will not cause page to postback? Or if the client-side browser
    > does perform the postback and server-side didn't show any reflection or
    > return any response? I'm still not quite sure about the exact result and
    > behavior when you go through the redirector module and return to main site
    > pages. Is there any particular error message?
    >
    > Sincerely,
    >
    > Steven Cheng
    >
    > Microsoft MSDN Online Support Lead
    >
    >
    > Delighting our customers is our #1 priority. We welcome your comments and
    > suggestions about how we can improve the support we provide to you. Please
    > feel free to let my manager know what you think of the level of service
    > provided. You can send feedback directly to my manager at:
    > .
    >
    > ==================================================
    > Get notification to my posts through email? Please refer to
    > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    > ications.
    >
    > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    > where an initial response from the community or a Microsoft Support
    > Engineer within 1 business day is acceptable. Please note that each follow
    > up response may take approximately 2 business days as the support
    > professional working with you may need further investigation to reach the
    > most efficient resolution. The offering is not appropriate for situations
    > that require urgent, real-time or phone-based interactions or complex
    > project analysis and dump analysis issues. Issues of this nature are best
    > handled working with a dedicated Microsoft Support Engineer by contacting
    > Microsoft Customer Support Services (CSS) at
    > http://msdn.microsoft.com/subscriptions/support/default.aspx.
    > ==================================================
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >
    >
    > --------------------
    >> Date: Tue, 13 May 2008 08:44:02 +0200
    >> From: "" <>
    >> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >> MIME-Version: 1.0
    >> Subject: mixed mode authentication + no postbacks

    >
    >> Hi there
    >>
    >> I implemented a mixed mode authentication as follows:
    >> main site using forms authentication
    >> redirector site using windows authentication, creates a forms
    >> authentication cookie and redirects to main site
    >>
    >> the problem is if i go to the main site everything works fine
    >>
    >> if i go to the redirector site it redirects to the main site ( as
    >> expected, cookie is generated as expected and in site
    >> Context.Current.User is set as expected ) but no postbacks occur
    >> anymore, even if i logout an logon to the main site problem resides, i
    >> figured out that any "redirector" site protected by windows
    >> authentication redirecting to my site causes postbacks to not function
    >> anymore.
    >>
    >> I tried the sample from Microsoft Press Book "Developing More-Secure
    >> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >>
    >> My config Vista SP1 .NET 3.5
    >> or 2003 R2 .NET 3.5
    >>
    >> Applications are .NET 2.0 applications
    >>
    >> tia dom
    >>

    >


    correct, no button or any other method to trigger postback works
    anymore, ispostback is always false and no viewstate form fiels is sent
    to server anymore

    i wrote a small webapp with one page and one button, by clicking the
    button the app creates a authcookie(always with same information within
    it) and redirects to my app, if i set authentication for this app to
    forms or none everything works as expected, but if i set the
    authentication to windows the problem same as described in my post

    i figured out that browser sends the authentication handshakes if
    redirect from windows authorized webapp and on every "postback" ist one more

    tia dom
     
    , May 13, 2008
    #3
  4. I know the sample from the book you are talking about ;)

    The behavior you describe is very unexpected. Do you have another test machine
    to verify this?

    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > Steven Cheng [MSFT] wrote:
    >
    >> Hi tia,
    >>
    >> From your description, you've applied a custom mixed authenitcation
    >> in your ASP.NET web application,and the windows authentication module
    >> will generate forms authentication cookie and redirect user to
    >> formsauthentication site. However, you found that after redirected
    >> from windows authenticatino site, any page postback operation no
    >> longer work, correct?
    >>
    >> If this is the case, I think the behavior is quite unexpected. As for
    >> the postback not work, do you mean even putting a typical submit
    >> button(and click it) will not cause page to postback? Or if the
    >> client-side browser does perform the postback and server-side didn't
    >> show any reflection or return any response? I'm still not quite sure
    >> about the exact result and behavior when you go through the
    >> redirector module and return to main site pages. Is there any
    >> particular error message?
    >>
    >> Sincerely,
    >>
    >> Steven Cheng
    >>
    >> Microsoft MSDN Online Support Lead
    >>
    >> Delighting our customers is our #1 priority. We welcome your comments
    >> and suggestions about how we can improve the support we provide to
    >> you. Please feel free to let my manager know what you think of the
    >> level of service provided. You can send feedback directly to my
    >> manager at: .
    >>
    >> ==================================================
    >> Get notification to my posts through email? Please refer to
    >> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp
    >> x#notif
    >> ications.
    >> Note: The MSDN Managed Newsgroup support offering is for non-urgent
    >> issues
    >> where an initial response from the community or a Microsoft Support
    >> Engineer within 1 business day is acceptable. Please note that each
    >> follow
    >> up response may take approximately 2 business days as the support
    >> professional working with you may need further investigation to reach
    >> the
    >> most efficient resolution. The offering is not appropriate for
    >> situations
    >> that require urgent, real-time or phone-based interactions or complex
    >> project analysis and dump analysis issues. Issues of this nature are
    >> best
    >> handled working with a dedicated Microsoft Support Engineer by
    >> contacting
    >> Microsoft Customer Support Services (CSS) at
    >> http://msdn.microsoft.com/subscriptions/support/default.aspx.
    >> ==================================================
    >> This posting is provided "AS IS" with no warranties, and confers no
    >> rights.
    >> --------------------
    >>
    >>> Date: Tue, 13 May 2008 08:44:02 +0200
    >>> From: "" <>
    >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >>> MIME-Version: 1.0
    >>> Subject: mixed mode authentication + no postbacks
    >>> Hi there
    >>>
    >>> I implemented a mixed mode authentication as follows:
    >>> main site using forms authentication
    >>> redirector site using windows authentication, creates a forms
    >>> authentication cookie and redirects to main site
    >>> the problem is if i go to the main site everything works fine
    >>>
    >>> if i go to the redirector site it redirects to the main site ( as
    >>> expected, cookie is generated as expected and in site
    >>> Context.Current.User is set as expected ) but no postbacks occur
    >>> anymore, even if i logout an logon to the main site problem resides,
    >>> i figured out that any "redirector" site protected by windows
    >>> authentication redirecting to my site causes postbacks to not
    >>> function anymore.
    >>>
    >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >>>
    >>> My config Vista SP1 .NET 3.5
    >>> or 2003 R2 .NET 3.5
    >>> Applications are .NET 2.0 applications
    >>>
    >>> tia dom
    >>>

    > correct, no button or any other method to trigger postback works
    > anymore, ispostback is always false and no viewstate form fiels is
    > sent to server anymore
    >
    > i wrote a small webapp with one page and one button, by clicking the
    > button the app creates a authcookie(always with same information
    > within it) and redirects to my app, if i set authentication for this
    > app to forms or none everything works as expected, but if i set the
    > authentication to windows the problem same as described in my post
    >
    > i figured out that browser sends the authentication handshakes if
    > redirect from windows authorized webapp and on every "postback" ist
    > one more
    >
    > tia dom
    >
     
    Dominick Baier, May 14, 2008
    #4
  5. Thanks for your reply Tia,

    #Web Development Helper



    --------------------
    >Date: Tue, 13 May 2008 12:47:29 +0200
    >MIME-Version: 1.0
    >Subject: Re: mixed mode authentication + no postbacks


    >
    >Steven Cheng [MSFT] wrote:
    >> Hi tia,
    >>
    >> From your description, you've applied a custom mixed authenitcation in

    your
    >> ASP.NET web application,and the windows authentication module will

    generate
    >> forms authentication cookie and redirect user to formsauthentication

    site.
    >> However, you found that after redirected from windows authenticatino

    site,
    >> any page postback operation no longer work, correct?
    >>
    >> If this is the case, I think the behavior is quite unexpected. As for

    the
    >> postback not work, do you mean even putting a typical submit button(and
    >> click it) will not cause page to postback? Or if the client-side browser
    >> does perform the postback and server-side didn't show any reflection or
    >> return any response? I'm still not quite sure about the exact result

    and
    >> behavior when you go through the redirector module and return to main

    site
    >> pages. Is there any particular error message?
    >>
    >> Sincerely,
    >>
    >> Steven Cheng
    >>
    >> Microsoft MSDN Online Support Lead
    >>
    >>
    >> Delighting our customers is our #1 priority. We welcome your comments

    and
    >> suggestions about how we can improve the support we provide to you.

    Please
    >> feel free to let my manager know what you think of the level of service
    >> provided. You can send feedback directly to my manager at:
    >> .
    >>
    >> ==================================================
    >> Get notification to my posts through email? Please refer to
    >>

    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    >> ications.
    >>
    >> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    issues
    >> where an initial response from the community or a Microsoft Support
    >> Engineer within 1 business day is acceptable. Please note that each

    follow
    >> up response may take approximately 2 business days as the support
    >> professional working with you may need further investigation to reach

    the
    >> most efficient resolution. The offering is not appropriate for

    situations
    >> that require urgent, real-time or phone-based interactions or complex
    >> project analysis and dump analysis issues. Issues of this nature are

    best
    >> handled working with a dedicated Microsoft Support Engineer by

    contacting
    >> Microsoft Customer Support Services (CSS) at
    >> http://msdn.microsoft.com/subscriptions/support/default.aspx.
    >> ==================================================
    >> This posting is provided "AS IS" with no warranties, and confers no

    rights.
    >>
    >>
    >> --------------------
    >>> Date: Tue, 13 May 2008 08:44:02 +0200
    >>> From: "" <>
    >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >>> MIME-Version: 1.0
    >>> Subject: mixed mode authentication + no postbacks

    >>
    >>> Hi there
    >>>
    >>> I implemented a mixed mode authentication as follows:
    >>> main site using forms authentication
    >>> redirector site using windows authentication, creates a forms
    >>> authentication cookie and redirects to main site
    >>>
    >>> the problem is if i go to the main site everything works fine
    >>>
    >>> if i go to the redirector site it redirects to the main site ( as
    >>> expected, cookie is generated as expected and in site
    >>> Context.Current.User is set as expected ) but no postbacks occur
    >>> anymore, even if i logout an logon to the main site problem resides, i
    >>> figured out that any "redirector" site protected by windows
    >>> authentication redirecting to my site causes postbacks to not function
    >>> anymore.
    >>>
    >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >>>
    >>> My config Vista SP1 .NET 3.5
    >>> or 2003 R2 .NET 3.5
    >>>
    >>> Applications are .NET 2.0 applications
    >>>
    >>> tia dom
    >>>

    >>

    >
    >correct, no button or any other method to trigger postback works
    >anymore, ispostback is always false and no viewstate form fiels is sent
    >to server anymore
    >
    >i wrote a small webapp with one page and one button, by clicking the
    >button the app creates a authcookie(always with same information within
    >it) and redirects to my app, if i set authentication for this app to
    >forms or none everything works as expected, but if i set the
    >authentication to windows the problem same as described in my post
    >
    >i figured out that browser sends the authentication handshakes if
    >redirect from windows authorized webapp and on every "postback" ist one

    more
    >
    >tia dom
    >
     
    Steven Cheng [MSFT], May 14, 2008
    #5
  6. Hi Tia,

    You can try the web development helper which can capture http messages
    between browser and webserver:

    #Web Development Helper
    http://projects.nikhilk.net/webdevhelper/

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications.

    ==================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >Date: Tue, 13 May 2008 12:47:29 +0200
    >From: "" <>
    >User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >MIME-Version: 1.0
    >Subject: Re: mixed mode authentication + no postbacks


    >
    >Steven Cheng [MSFT] wrote:
    >> Hi tia,
    >>
    >> From your description, you've applied a custom mixed authenitcation in

    your
    >> ASP.NET web application,and the windows authentication module will

    generate
    >> forms authentication cookie and redirect user to formsauthentication

    site.
    >> However, you found that after redirected from windows authenticatino

    site,
    >> any page postback operation no longer work, correct?
    >>
    >> If this is the case, I think the behavior is quite unexpected. As for

    the
    >> postback not work, do you mean even putting a typical submit button(and
    >> click it) will not cause page to postback? Or if the client-side browser
    >> does perform the postback and server-side didn't show any reflection or
    >> return any response? I'm still not quite sure about the exact result

    and
    >> behavior when you go through the redirector module and return to main

    site
    >> pages. Is there any particular error message?
    >>
    >> Sincerely,
    >>
    >> Steven Cheng
    >>
    >> Microsoft MSDN Online Support Lead
    >>
    >>
    >> Delighting our customers is our #1 priority. We welcome your comments

    and
    >> suggestions about how we can improve the support we provide to you.

    Please
    >> feel free to let my manager know what you think of the level of service
    >> provided. You can send feedback directly to my manager at:
    >> .
    >>
    >> ==================================================
    >> Get notification to my posts through email? Please refer to
    >>

    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    >> ications.
    >>
    >> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    issues
    >> where an initial response from the community or a Microsoft Support
    >> Engineer within 1 business day is acceptable. Please note that each

    follow
    >> up response may take approximately 2 business days as the support
    >> professional working with you may need further investigation to reach

    the
    >> most efficient resolution. The offering is not appropriate for

    situations
    >> that require urgent, real-time or phone-based interactions or complex
    >> project analysis and dump analysis issues. Issues of this nature are

    best
    >> handled working with a dedicated Microsoft Support Engineer by

    contacting
    >> Microsoft Customer Support Services (CSS) at
    >> http://msdn.microsoft.com/subscriptions/support/default.aspx.
    >> ==================================================
    >> This posting is provided "AS IS" with no warranties, and confers no

    rights.
    >>
    >>
    >> --------------------
    >>> Date: Tue, 13 May 2008 08:44:02 +0200
    >>> From: "" <>
    >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >>> MIME-Version: 1.0
    >>> Subject: mixed mode authentication + no postbacks

    >>
    >>> Hi there
    >>>
    >>> I implemented a mixed mode authentication as follows:
    >>> main site using forms authentication
    >>> redirector site using windows authentication, creates a forms
    >>> authentication cookie and redirects to main site
    >>>
    >>> the problem is if i go to the main site everything works fine
    >>>
    >>> if i go to the redirector site it redirects to the main site ( as
    >>> expected, cookie is generated as expected and in site
    >>> Context.Current.User is set as expected ) but no postbacks occur
    >>> anymore, even if i logout an logon to the main site problem resides, i
    >>> figured out that any "redirector" site protected by windows
    >>> authentication redirecting to my site causes postbacks to not function
    >>> anymore.
    >>>
    >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >>>
    >>> My config Vista SP1 .NET 3.5
    >>> or 2003 R2 .NET 3.5
    >>>
    >>> Applications are .NET 2.0 applications
    >>>
    >>> tia dom
    >>>

    >>

    >
    >correct, no button or any other method to trigger postback works
    >anymore, ispostback is always false and no viewstate form fiels is sent
    >to server anymore
    >
    >i wrote a small webapp with one page and one button, by clicking the
    >button the app creates a authcookie(always with same information within
    >it) and redirects to my app, if i set authentication for this app to
    >forms or none everything works as expected, but if i set the
    >authentication to windows the problem same as described in my post
    >
    >i figured out that browser sends the authentication handshakes if
    >redirect from windows authorized webapp and on every "postback" ist one

    more
    >
    >tia dom
    >
     
    Steven Cheng [MSFT], May 14, 2008
    #6
  7. Hi tia ,

    Have you got any progress on this? If you need any further help, please
    feel free to let me know.

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications.
    ==================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.
    --------------------
    >Content-Transfer-Encoding: 7bit
    >From: (Steven Cheng [MSFT])
    >Organization: Microsoft
    >Date: Wed, 14 May 2008 02:30:38 GMT
    >Subject: Re: mixed mode authentication + no postbacks


    >
    >Thanks for your reply Tia,
    >
    >#Web Development Helper
    >
    >
    >
    >--------------------
    >>Date: Tue, 13 May 2008 12:47:29 +0200
    >>MIME-Version: 1.0
    >>Subject: Re: mixed mode authentication + no postbacks

    >
    >>
    >>Steven Cheng [MSFT] wrote:
    >>> Hi tia,
    >>>
    >>> From your description, you've applied a custom mixed authenitcation in

    >your
    >>> ASP.NET web application,and the windows authentication module will

    >generate
    >>> forms authentication cookie and redirect user to formsauthentication

    >site.
    >>> However, you found that after redirected from windows authenticatino

    >site,
    >>> any page postback operation no longer work, correct?
    >>>
    >>> If this is the case, I think the behavior is quite unexpected. As for

    >the
    >>> postback not work, do you mean even putting a typical submit button(and
    >>> click it) will not cause page to postback? Or if the client-side

    browser
    >>> does perform the postback and server-side didn't show any reflection or
    >>> return any response? I'm still not quite sure about the exact result

    >and
    >>> behavior when you go through the redirector module and return to main

    >site
    >>> pages. Is there any particular error message?
    >>>
    >>> Sincerely,
    >>>
    >>> Steven Cheng
    >>>
    >>> Microsoft MSDN Online Support Lead
    >>>
    >>>
    >>> Delighting our customers is our #1 priority. We welcome your comments

    >and
    >>> suggestions about how we can improve the support we provide to you.

    >Please
    >>> feel free to let my manager know what you think of the level of service
    >>> provided. You can send feedback directly to my manager at:
    >>> .
    >>>
    >>> ==================================================
    >>> Get notification to my posts through email? Please refer to
    >>>

    >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#noti

    f
    >>> ications.
    >>>
    >>> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    >issues
    >>> where an initial response from the community or a Microsoft Support
    >>> Engineer within 1 business day is acceptable. Please note that each

    >follow
    >>> up response may take approximately 2 business days as the support
    >>> professional working with you may need further investigation to reach

    >the
    >>> most efficient resolution. The offering is not appropriate for

    >situations
    >>> that require urgent, real-time or phone-based interactions or complex
    >>> project analysis and dump analysis issues. Issues of this nature are

    >best
    >>> handled working with a dedicated Microsoft Support Engineer by

    >contacting
    >>> Microsoft Customer Support Services (CSS) at
    >>> http://msdn.microsoft.com/subscriptions/support/default.aspx.
    >>> ==================================================
    >>> This posting is provided "AS IS" with no warranties, and confers no

    >rights.
    >>>
    >>>
    >>> --------------------
    >>>> Date: Tue, 13 May 2008 08:44:02 +0200
    >>>> From: "" <>
    >>>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    >>>> MIME-Version: 1.0
    >>>> Subject: mixed mode authentication + no postbacks
    >>>
    >>>> Hi there
    >>>>
    >>>> I implemented a mixed mode authentication as follows:
    >>>> main site using forms authentication
    >>>> redirector site using windows authentication, creates a forms
    >>>> authentication cookie and redirects to main site
    >>>>
    >>>> the problem is if i go to the main site everything works fine
    >>>>
    >>>> if i go to the redirector site it redirects to the main site ( as
    >>>> expected, cookie is generated as expected and in site
    >>>> Context.Current.User is set as expected ) but no postbacks occur
    >>>> anymore, even if i logout an logon to the main site problem resides, i
    >>>> figured out that any "redirector" site protected by windows
    >>>> authentication redirecting to my site causes postbacks to not function
    >>>> anymore.
    >>>>
    >>>> I tried the sample from Microsoft Press Book "Developing More-Secure
    >>>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    >>>>
    >>>> My config Vista SP1 .NET 3.5
    >>>> or 2003 R2 .NET 3.5
    >>>>
    >>>> Applications are .NET 2.0 applications
    >>>>
    >>>> tia dom
    >>>>
    >>>

    >>
    >>correct, no button or any other method to trigger postback works
    >>anymore, ispostback is always false and no viewstate form fiels is sent
    >>to server anymore
    >>
    >>i wrote a small webapp with one page and one button, by clicking the
    >>button the app creates a authcookie(always with same information within
    >>it) and redirects to my app, if i set authentication for this app to
    >>forms or none everything works as expected, but if i set the
    >>authentication to windows the problem same as described in my post
    >>
    >>i figured out that browser sends the authentication handshakes if
    >>redirect from windows authorized webapp and on every "postback" ist one

    >more
    >>
    >>tia dom
    >>

    >
    >
     
    Steven Cheng [MSFT], May 16, 2008
    #7
  8. Just check the application name value for your applications to match.

    br
    Dimi T.

    "Steven Cheng [MSFT]" wrote:

    > Hi Tia,
    >
    > You can try the web development helper which can capture http messages
    > between browser and webserver:
    >
    > #Web Development Helper
    > http://projects.nikhilk.net/webdevhelper/
    >
    > Sincerely,
    >
    > Steven Cheng
    >
    > Microsoft MSDN Online Support Lead
    >
    >
    > Delighting our customers is our #1 priority. We welcome your comments and
    > suggestions about how we can improve the support we provide to you. Please
    > feel free to let my manager know what you think of the level of service
    > provided. You can send feedback directly to my manager at:
    > .
    >
    > ==================================================
    > Get notification to my posts through email? Please refer to
    > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    > ications.
    >
    > ==================================================
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >
    > --------------------
    > >Date: Tue, 13 May 2008 12:47:29 +0200
    > >From: "" <>
    > >User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > >MIME-Version: 1.0
    > >Subject: Re: mixed mode authentication + no postbacks

    >
    > >
    > >Steven Cheng [MSFT] wrote:
    > >> Hi tia,
    > >>
    > >> From your description, you've applied a custom mixed authenitcation in

    > your
    > >> ASP.NET web application,and the windows authentication module will

    > generate
    > >> forms authentication cookie and redirect user to formsauthentication

    > site.
    > >> However, you found that after redirected from windows authenticatino

    > site,
    > >> any page postback operation no longer work, correct?
    > >>
    > >> If this is the case, I think the behavior is quite unexpected. As for

    > the
    > >> postback not work, do you mean even putting a typical submit button(and
    > >> click it) will not cause page to postback? Or if the client-side browser
    > >> does perform the postback and server-side didn't show any reflection or
    > >> return any response? I'm still not quite sure about the exact result

    > and
    > >> behavior when you go through the redirector module and return to main

    > site
    > >> pages. Is there any particular error message?
    > >>
    > >> Sincerely,
    > >>
    > >> Steven Cheng
    > >>
    > >> Microsoft MSDN Online Support Lead
    > >>
    > >>
    > >> Delighting our customers is our #1 priority. We welcome your comments

    > and
    > >> suggestions about how we can improve the support we provide to you.

    > Please
    > >> feel free to let my manager know what you think of the level of service
    > >> provided. You can send feedback directly to my manager at:
    > >> .
    > >>
    > >> ==================================================
    > >> Get notification to my posts through email? Please refer to
    > >>

    > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    > >> ications.
    > >>
    > >> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    > issues
    > >> where an initial response from the community or a Microsoft Support
    > >> Engineer within 1 business day is acceptable. Please note that each

    > follow
    > >> up response may take approximately 2 business days as the support
    > >> professional working with you may need further investigation to reach

    > the
    > >> most efficient resolution. The offering is not appropriate for

    > situations
    > >> that require urgent, real-time or phone-based interactions or complex
    > >> project analysis and dump analysis issues. Issues of this nature are

    > best
    > >> handled working with a dedicated Microsoft Support Engineer by

    > contacting
    > >> Microsoft Customer Support Services (CSS) at
    > >> http://msdn.microsoft.com/subscriptions/support/default.aspx.
    > >> ==================================================
    > >> This posting is provided "AS IS" with no warranties, and confers no

    > rights.
    > >>
    > >>
    > >> --------------------
    > >>> Date: Tue, 13 May 2008 08:44:02 +0200
    > >>> From: "" <>
    > >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > >>> MIME-Version: 1.0
    > >>> Subject: mixed mode authentication + no postbacks
    > >>
    > >>> Hi there
    > >>>
    > >>> I implemented a mixed mode authentication as follows:
    > >>> main site using forms authentication
    > >>> redirector site using windows authentication, creates a forms
    > >>> authentication cookie and redirects to main site
    > >>>
    > >>> the problem is if i go to the main site everything works fine
    > >>>
    > >>> if i go to the redirector site it redirects to the main site ( as
    > >>> expected, cookie is generated as expected and in site
    > >>> Context.Current.User is set as expected ) but no postbacks occur
    > >>> anymore, even if i logout an logon to the main site problem resides, i
    > >>> figured out that any "redirector" site protected by windows
    > >>> authentication redirecting to my site causes postbacks to not function
    > >>> anymore.
    > >>>
    > >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    > >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.
    > >>>
    > >>> My config Vista SP1 .NET 3.5
    > >>> or 2003 R2 .NET 3.5
    > >>>
    > >>> Applications are .NET 2.0 applications
    > >>>
    > >>> tia dom
    > >>>
    > >>

    > >
    > >correct, no button or any other method to trigger postback works
    > >anymore, ispostback is always false and no viewstate form fiels is sent
    > >to server anymore
    > >
    > >i wrote a small webapp with one page and one button, by clicking the
    > >button the app creates a authcookie(always with same information within
    > >it) and redirects to my app, if i set authentication for this app to
    > >forms or none everything works as expected, but if i set the
    > >authentication to windows the problem same as described in my post
    > >
    > >i figured out that browser sends the authentication handshakes if
    > >redirect from windows authorized webapp and on every "postback" ist one

    > more
    > >
    > >tia dom
    > >

    >
    >
     
    Dimitrios Toulakis, May 20, 2008
    #8
  9. David Sharpe Guest

    any response ?

    Has anyone worked out why the IsPostBack is always false in this case or the postback is not occurring !
     
    David Sharpe, Jun 3, 2008
    #9
  10. David Guest

    What application name where ?

    On May 21, 12:32 am, Dimitrios Toulakis
    <> wrote:
    > Just check the application name value for your applications to match.
    >
    > br
    > Dimi T.
    >
    > "Steven Cheng [MSFT]" wrote:
    > > Hi Tia,

    >
    > > You can try the web development helper which can capture http messages
    > > between browser and webserver:

    >
    > > #Web Development Helper
    > >http://projects.nikhilk.net/webdevhelper/

    >
    > > Sincerely,

    >
    > > Steven Cheng

    >
    > > Microsoft MSDN Online Support Lead

    >
    > > Delighting our customers is our #1 priority. We welcome your comments and
    > > suggestions about how we can improve the support we provide to you. Please
    > > feel free to let my manager know what you think of the level of service
    > > provided. You can send feedback directly to my manager at:
    > > .

    >
    > > ==================================================
    > > Get notification to my posts through email? Please refer to
    > >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...
    > > ications.

    >
    > > ==================================================
    > > This posting is provided "AS IS" with no warranties, and confers no rights.

    >
    > > --------------------
    > > >Date: Tue, 13 May 2008 12:47:29 +0200
    > > >From: "" <>
    > > >User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > > >MIME-Version: 1.0
    > > >Subject: Re: mixed mode authentication + no postbacks

    >
    > > >Steven Cheng [MSFT] wrote:
    > > >> Hi tia,

    >
    > > >> From your description, you've applied a custom mixed authenitcation in

    > > your
    > > >> ASP.NET web application,and the windows authentication module will

    > > generate
    > > >> forms authentication cookie and redirect user to formsauthentication

    > > site.
    > > >> However, you found that after redirected from windows authenticatino

    > > site,
    > > >> any page postback operation no longer work, correct?

    >
    > > >> If this is the case, I think the behavior is quite unexpected. As for

    > > the
    > > >> postback not work, do you mean even putting a typical submit button(and
    > > >> click it) will not cause page to postback? Or if the client-side browser
    > > >> does perform the postback and server-side didn't show any reflection or
    > > >> return any response? I'm still not quite sure about the exact result

    > > and
    > > >> behavior when you go through the redirector module and return to main

    > > site
    > > >> pages. Is there any particular error message?

    >
    > > >> Sincerely,

    >
    > > >> Steven Cheng

    >
    > > >> Microsoft MSDN Online Support Lead

    >
    > > >> Delighting our customers is our #1 priority. We welcome your comments

    > > and
    > > >> suggestions about how we can improve the support we provide to you.

    > > Please
    > > >> feel free to let my manager know what you think of the level of service
    > > >> provided. You can send feedback directly to my manager at:
    > > >> .

    >
    > > >> ==================================================
    > > >> Get notification to my posts through email? Please refer to

    >
    > >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...
    > > >> ications.

    >
    > > >> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    > > issues
    > > >> where an initial response from the community or a Microsoft Support
    > > >> Engineer within 1 business day is acceptable. Please note that each

    > > follow
    > > >> up response may take approximately 2 business days as the support
    > > >> professional working with you may need further investigation to reach

    > > the
    > > >> most efficient resolution. The offering is not appropriate for

    > > situations
    > > >> that require urgent, real-time or phone-based interactions or complex
    > > >> project analysis and dump analysis issues. Issues of this nature are

    > > best
    > > >> handled working with a dedicated Microsoft Support Engineer by

    > > contacting
    > > >> Microsoft Customer Support Services (CSS) at
    > > >>http://msdn.microsoft.com/subscriptions/support/default.aspx.
    > > >> ==================================================
    > > >> This posting is provided "AS IS" with no warranties, and confers no

    > > rights.

    >
    > > >> --------------------
    > > >>> Date: Tue, 13 May 2008 08:44:02 +0200
    > > >>> From: "" <>
    > > >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > > >>> MIME-Version: 1.0
    > > >>> Subject: mixed mode authentication + no postbacks

    >
    > > >>> Hi there

    >
    > > >>> I implemented a mixed mode authentication as follows:
    > > >>> main site using forms authentication
    > > >>> redirector site using windows authentication, creates a forms
    > > >>> authentication cookie and redirects to main site

    >
    > > >>> the problem is if i go to the main site everything works fine

    >
    > > >>> if i go to the redirector site it redirects to the main site ( as
    > > >>> expected, cookie is generated as expected and in site
    > > >>> Context.Current.User is set as expected ) but no postbacks occur
    > > >>> anymore, even if i logout an logon to the main site problem resides, i
    > > >>> figured out that any "redirector" site protected by windows
    > > >>> authentication redirecting to my site causes postbacks to not function
    > > >>> anymore.

    >
    > > >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    > > >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.

    >
    > > >>> My config Vista SP1 .NET 3.5
    > > >>> or 2003 R2 .NET 3.5

    >
    > > >>> Applications are .NET 2.0 applications

    >
    > > >>> tia dom

    >
    > > >correct, no button or any other method to trigger postback works
    > > >anymore, ispostback is always false and no viewstate form fiels is sent
    > > >to server anymore

    >
    > > >i wrote a small webapp with one page and one button, by clicking the
    > > >button the app creates a authcookie(always with same information within
    > > >it) and redirects to my app, if i set authentication for this app to
    > > >forms or none everything works as expected, but if i set the
    > > >authentication to windows the problem same as described in my post

    >
    > > >i figured out that browser sends the authentication handshakes if
    > > >redirect from windows authorized webapp and on every "postback" ist one

    > > more

    >
    > > >tia dom
     
    David, Jun 3, 2008
    #10
  11. David Guest

    Oddly this bahaviour ONLY manifests for us if we are developing and
    debugging on the same machine, i'e client and server on same machine,
    as soon as we run the client from elsewhere we get the postback we
    expect !!!!!!! doh !

    > On May 16, 10:01 pm, (Steven Cheng [MSFT]) wrote:
    > Hi tia ,
    >
    > Have you got any progress on this? If you need any further help, please
    > feel free to let me know.
    >
    > Sincerely,
    >
    > Steven Cheng
    >
    > Microsoft MSDN Online Support Lead
    >
    > Delighting our customers is our #1 priority. We welcome your comments and
    > suggestions about how we can improve the support we provide to you. Please
    > feel free to let my manager know what you think of the level of service
    > provided. You can send feedback directly to my manager at:
    > .
    >
    > ==================================================
    > Get notification to my posts through email? Please refer tohttp://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...
    > ications.
    > ==================================================
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > --------------------
    >
    >
    >
    > >Content-Transfer-Encoding: 7bit
    > >From: (Steven Cheng [MSFT])
    > >Organization: Microsoft
    > >Date: Wed, 14 May 2008 02:30:38 GMT
    > >Subject: Re: mixed mode authentication + no postbacks

    >
    > >Thanks for your reply Tia,

    >
    > >#Web Development Helper

    >
    > >--------------------
    > >>Date: Tue, 13 May 2008 12:47:29 +0200
    > >>MIME-Version: 1.0
    > >>Subject: Re: mixed mode authentication + no postbacks

    >
    > >>Steven Cheng [MSFT] wrote:
    > >>> Hi tia,

    >
    > >>> From your description, you've applied a custom mixed authenitcation in

    > >your
    > >>> ASP.NET web application,and the windows authentication module will

    > >generate
    > >>> forms authentication cookie and redirect user to formsauthentication

    > >site.
    > >>> However, you found that after redirected from windows authenticatino

    > >site,
    > >>> any page postback operation no longer work, correct?

    >
    > >>> If this is the case, I think the behavior is quite unexpected. As for

    > >the
    > >>> postback not work, do you mean even putting a typical submit button(and
    > >>> click it) will not cause page to postback? Or if the client-side

    > browser
    > >>> does perform the postback and server-side didn't show any reflection or
    > >>> return any response? I'm still not quite sure about the exact result

    > >and
    > >>> behavior when you go through the redirector module and return to main

    > >site
    > >>> pages. Is there any particular error message?

    >
    > >>> Sincerely,

    >
    > >>> Steven Cheng

    >
    > >>> Microsoft MSDN Online Support Lead

    >
    > >>> Delighting our customers is our #1 priority. We welcome your comments

    > >and
    > >>> suggestions about how we can improve the support we provide to you.

    > >Please
    > >>> feel free to let my manager know what you think of the level of service
    > >>> provided. You can send feedback directly to my manager at:
    > >>> .

    >
    > >>> ==================================================
    > >>> Get notification to my posts through email? Please refer to

    >
    > >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...

    > f
    > >>> ications.

    >
    > >>> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    > >issues
    > >>> where an initial response from the community or a Microsoft Support
    > >>> Engineer within 1 business day is acceptable. Please note that each

    > >follow
    > >>> up response may take approximately 2 business days as the support
    > >>> professional working with you may need further investigation to reach

    > >the
    > >>> most efficient resolution. The offering is not appropriate for

    > >situations
    > >>> that require urgent, real-time or phone-based interactions or complex
    > >>> project analysis and dump analysis issues. Issues of this nature are

    > >best
    > >>> handled working with a dedicated Microsoft Support Engineer by

    > >contacting
    > >>> Microsoft Customer Support Services (CSS) at
    > >>>http://msdn.microsoft.com/subscriptions/support/default.aspx.
    > >>> ==================================================
    > >>> This posting is provided "AS IS" with no warranties, and confers no

    > >rights.

    >
    > >>> --------------------
    > >>>> Date: Tue, 13 May 2008 08:44:02 +0200
    > >>>> From: "" <>
    > >>>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > >>>> MIME-Version: 1.0
    > >>>> Subject: mixed mode authentication + no postbacks

    >
    > >>>> Hi there

    >
    > >>>> I implemented a mixed mode authentication as follows:
    > >>>> main site using forms authentication
    > >>>> redirector site using windows authentication, creates a forms
    > >>>> authentication cookie and redirects to main site

    >
    > >>>> the problem is if i go to the main site everything works fine

    >
    > >>>> if i go to the redirector site it redirects to the main site ( as
    > >>>> expected, cookie is generated as expected and in site
    > >>>> Context.Current.User is set as expected ) but no postbacks occur
    > >>>> anymore, even if i logout an logon to the main site problem resides, i
    > >>>> figured out that any "redirector" site protected by windows
    > >>>> authentication redirecting to my site causes postbacks to not function
    > >>>> anymore.

    >
    > >>>> I tried the sample from Microsoft Press Book "Developing More-Secure
    > >>>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.

    >
    > >>>> My config Vista SP1 .NET 3.5
    > >>>> or 2003 R2 .NET 3.5

    >
    > >>>> Applications are .NET 2.0 applications

    >
    > >>>> tia dom

    >
    > >>correct, no button or any other method to trigger postback works
    > >>anymore, ispostback is always false and no viewstate form fiels is sent
    > >>to server anymore

    >
    > >>i wrote a small webapp with one page and one button, by clicking the
    > >>button the app creates a authcookie(always with same information within
    > >>it) and redirects to my app, if i set authentication for this app to
    > >>forms or none everything works as expected, but if i set the
    > >>authentication to windows the problem same as described in my post

    >
    > >>i figured out that browser sends the authentication handshakes if
    > >>redirect from windows authorized webapp and on every "postback" ist one

    > >more

    >
    > >>tia dom
     
    David, Jun 3, 2008
    #11
  12. Sorry,

    Im assuming with this answer that you are running your applications in the
    IIS.
    There you should check the values to match to the corresponding dll....

    Example:
    Your dll: Foo.dll

    Web1 -> WinAuth -> Name: FooWin --> App Name: Foo
    Web2 -> FormsAuth -> Name: Foo --> App Name: Foo


    br
    DT

    PS: If you are using the web dev server then I have no clue...

    PS2: If you are recompling and the browser window is open, then this happens
    sometimes....



    "David" wrote:

    > What application name where ?
    >
    > On May 21, 12:32 am, Dimitrios Toulakis
    > <> wrote:
    > > Just check the application name value for your applications to match.
    > >
    > > br
    > > Dimi T.
    > >
    > > "Steven Cheng [MSFT]" wrote:
    > > > Hi Tia,

    > >
    > > > You can try the web development helper which can capture http messages
    > > > between browser and webserver:

    > >
    > > > #Web Development Helper
    > > >http://projects.nikhilk.net/webdevhelper/

    > >
    > > > Sincerely,

    > >
    > > > Steven Cheng

    > >
    > > > Microsoft MSDN Online Support Lead

    > >
    > > > Delighting our customers is our #1 priority. We welcome your comments and
    > > > suggestions about how we can improve the support we provide to you. Please
    > > > feel free to let my manager know what you think of the level of service
    > > > provided. You can send feedback directly to my manager at:
    > > > .

    > >
    > > > ==================================================
    > > > Get notification to my posts through email? Please refer to
    > > >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...
    > > > ications.

    > >
    > > > ==================================================
    > > > This posting is provided "AS IS" with no warranties, and confers no rights.

    > >
    > > > --------------------
    > > > >Date: Tue, 13 May 2008 12:47:29 +0200
    > > > >From: "" <>
    > > > >User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > > > >MIME-Version: 1.0
    > > > >Subject: Re: mixed mode authentication + no postbacks

    > >
    > > > >Steven Cheng [MSFT] wrote:
    > > > >> Hi tia,

    > >
    > > > >> From your description, you've applied a custom mixed authenitcation in
    > > > your
    > > > >> ASP.NET web application,and the windows authentication module will
    > > > generate
    > > > >> forms authentication cookie and redirect user to formsauthentication
    > > > site.
    > > > >> However, you found that after redirected from windows authenticatino
    > > > site,
    > > > >> any page postback operation no longer work, correct?

    > >
    > > > >> If this is the case, I think the behavior is quite unexpected. As for
    > > > the
    > > > >> postback not work, do you mean even putting a typical submit button(and
    > > > >> click it) will not cause page to postback? Or if the client-side browser
    > > > >> does perform the postback and server-side didn't show any reflection or
    > > > >> return any response? I'm still not quite sure about the exact result
    > > > and
    > > > >> behavior when you go through the redirector module and return to main
    > > > site
    > > > >> pages. Is there any particular error message?

    > >
    > > > >> Sincerely,

    > >
    > > > >> Steven Cheng

    > >
    > > > >> Microsoft MSDN Online Support Lead

    > >
    > > > >> Delighting our customers is our #1 priority. We welcome your comments
    > > > and
    > > > >> suggestions about how we can improve the support we provide to you.
    > > > Please
    > > > >> feel free to let my manager know what you think of the level of service
    > > > >> provided. You can send feedback directly to my manager at:
    > > > >> .

    > >
    > > > >> ==================================================
    > > > >> Get notification to my posts through email? Please refer to

    > >
    > > >http://msdn.microsoft.com/subscriptions/managednewsgroups/default.asp...
    > > > >> ications.

    > >
    > > > >> Note: The MSDN Managed Newsgroup support offering is for non-urgent
    > > > issues
    > > > >> where an initial response from the community or a Microsoft Support
    > > > >> Engineer within 1 business day is acceptable. Please note that each
    > > > follow
    > > > >> up response may take approximately 2 business days as the support
    > > > >> professional working with you may need further investigation to reach
    > > > the
    > > > >> most efficient resolution. The offering is not appropriate for
    > > > situations
    > > > >> that require urgent, real-time or phone-based interactions or complex
    > > > >> project analysis and dump analysis issues. Issues of this nature are
    > > > best
    > > > >> handled working with a dedicated Microsoft Support Engineer by
    > > > contacting
    > > > >> Microsoft Customer Support Services (CSS) at
    > > > >>http://msdn.microsoft.com/subscriptions/support/default.aspx.
    > > > >> ==================================================
    > > > >> This posting is provided "AS IS" with no warranties, and confers no
    > > > rights.

    > >
    > > > >> --------------------
    > > > >>> Date: Tue, 13 May 2008 08:44:02 +0200
    > > > >>> From: "" <>
    > > > >>> User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)
    > > > >>> MIME-Version: 1.0
    > > > >>> Subject: mixed mode authentication + no postbacks

    > >
    > > > >>> Hi there

    > >
    > > > >>> I implemented a mixed mode authentication as follows:
    > > > >>> main site using forms authentication
    > > > >>> redirector site using windows authentication, creates a forms
    > > > >>> authentication cookie and redirects to main site

    > >
    > > > >>> the problem is if i go to the main site everything works fine

    > >
    > > > >>> if i go to the redirector site it redirects to the main site ( as
    > > > >>> expected, cookie is generated as expected and in site
    > > > >>> Context.Current.User is set as expected ) but no postbacks occur
    > > > >>> anymore, even if i logout an logon to the main site problem resides, i
    > > > >>> figured out that any "redirector" site protected by windows
    > > > >>> authentication redirecting to my site causes postbacks to not function
    > > > >>> anymore.

    > >
    > > > >>> I tried the sample from Microsoft Press Book "Developing More-Secure
    > > > >>> Microsoft?ASP.NET 2.0 Applications" and same thing happened.

    > >
    > > > >>> My config Vista SP1 .NET 3.5
    > > > >>> or 2003 R2 .NET 3.5

    > >
    > > > >>> Applications are .NET 2.0 applications

    > >
    > > > >>> tia dom

    > >
    > > > >correct, no button or any other method to trigger postback works
    > > > >anymore, ispostback is always false and no viewstate form fiels is sent
    > > > >to server anymore

    > >
    > > > >i wrote a small webapp with one page and one button, by clicking the
    > > > >button the app creates a authcookie(always with same information within
    > > > >it) and redirects to my app, if i set authentication for this app to
    > > > >forms or none everything works as expected, but if i set the
    > > > >authentication to windows the problem same as described in my post

    > >
    > > > >i figured out that browser sends the authentication handshakes if
    > > > >redirect from windows authorized webapp and on every "postback" ist one
    > > > more

    > >
    > > > >tia dom

    >
    >
     
    Dimitrios Toulakis, Jun 3, 2008
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. tripwater

    VS Authentication (mixed mode)

    tripwater, Apr 5, 2005, in forum: ASP .Net
    Replies:
    3
    Views:
    649
    Tad Marshall
    Apr 10, 2005
  2. tripwater

    VS Authentication (mixed mode)

    tripwater, Apr 5, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    319
    tripwater
    Apr 5, 2005
  3. tripwater

    VS Authentication (mixed mode)

    tripwater, Apr 5, 2005, in forum: ASP .Net
    Replies:
    4
    Views:
    1,652
    =?Utf-8?B?UGF0cmljaw==?=
    Apr 6, 2005
  4. Matt
    Replies:
    0
    Views:
    440
  5. Replies:
    0
    Views:
    478
Loading...

Share This Page