473,653 Members | 2,968 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

anonymousIdenti fication setting fails to override root configurati

I am designing a site that requires AnonymousID. I set my web.config to
allow this using <anonymousIdent ification enable="true".. ./as recommended
in the documentation.

To verify the settings I use the following code in global.asax and stop the
execution using debug to inspect the settings.

Configuration configuration =
WebConfiguratio nManager.OpenWe bConfiguration( "/SessionManager" );

// Get the section.
AnonymousIdenti ficationSection anonymousIdenti ficationSection =
(AnonymousIdent ificationSectio n)configuration .GetSection("sy stem.web/anonymousIdenti fication");

In this case anonymousIdenti fication is enabled.

When I get the root configuration using OpenWebConfigur ation(null) and check
the settings anonymousIdenti fication is not enabled.

Subsequently when I check the Request.Anonymo usID during page requests it is
null.

Another issue is which delegate to use to directly set the AnonymousID. The
documentation recommends both AnonymousIdenti fication_OnCrea te and
AnonymousIdenti fication_Creati ng in different areas. I supplied both in my
global.asax code and neither are called further substantiating the failure to
use the site application web.config as opposed to the root web.config
settings.

Any suggestions or help is appreciated.
--
John H Clark
www.weownit.coop
Nov 14 '06 #1
6 4273
Hi John,

Based on my understanding, you have a virtual directory at
"/SessionManager" that is configured with AnonymousIdenti fication enabled.
However, you found that in Session_Start, Request.Anonymo usID is null. If
I've misunderstood anything, please feel free to let me know.

I've done some test on Windows Server 2003 R2 using the information from
your post, however, I found the AnonymousID is correctly set to a GUID
value (default).

Since AnonymousIdenti fication must be set at Machine.config, Root-level or
Application-level web.config, I think the setting should be honored in the
sub web.

As the documentation of AnonymousIdenti ficationModule' s event, the correct
event is Creating. The documention of AnonymousID is incorrect here. I'm
sorry for the confusion caused.

#How to: Create ASP.NET Application-Level Event Handlers
http://msdn2.microsoft.com/en-us/library/fwzzh56s.aspx
ASP.NET automatically binds application events to event-handler methods in
the Global.asax file using a naming convention of Application_eve nt, such
as Application_Beg inRequest and Application_Err or.

If you add modules to your application, the modules themselves can raise
events. The application can subscribe to in these events in the Global.asax
file by using the convention modulename_even tname. For example, to handle
the Authenticate event raised by a FormsAuthentica tionModule object, you
can create a handler named FormsAuthentica tion_Authentica te.
You will find following http modules in
%windir%\micros oft.net\framewo rk\v2.0.50727\c onfig\web.confi g:

<httpModules>
<add name="OutputCac he"
type="System.We b.Caching.Outpu tCacheModule" />
<add name="Session"
type="System.We b.SessionState. SessionStateMod ule" />
<add name="WindowsAu thentication"
type="System.We b.Security.Wind owsAuthenticati onModule" />
<add name="FormsAuth entication"
type="System.We b.Security.Form sAuthentication Module" />
<add name="PassportA uthentication"
type="System.We b.Security.Pass portAuthenticat ionModule" />
<add name="RoleManag er"
type="System.We b.Security.Role ManagerModule" />
<add name="UrlAuthor ization"
type="System.We b.Security.UrlA uthorizationMod ule" />
<add name="FileAutho rization"
type="System.We b.Security.File AuthorizationMo dule" />
<add name="Anonymous Identification"
type="System.We b.Security.Anon ymousIdentifica tionModule" />
<add name="Profile" type="System.We b.Profile.Profi leModule" />
<add name="ErrorHand lerModule"
type="System.We b.Mobile.ErrorH andlerModule, System.Web.Mobi le,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b03f5f7f11d50a3 a" />
</httpModules>
Which means you can use their events in Global.asax; and if you take a look
at AnonymousIdenti ficationModule' s events, it only has an event named
Creating.

You can use following code in global.asax to set the AnonymousID:

void AnonymousIdenti fication_Creati ng(object sender,
AnonymousIdenti ficationEventAr gs
args)
{
args.AnonymousI D = DateTime.Now.To String();
}
To debug this, make sure you've cleared IE cookies related to your web
server; you can use IECookiesView from
http://www.nirsoft.net/utils/iecookies.html to delete the cookies.
Sincerely,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 15 '06 #2
Walter,

Thanks for the information.

I checked my AnonymousIdenti fication module configuration and found that the
setting is as described in your reply. I retested after setting both the root
and the application anonymousIdenti fication enabled = "true". This has no
effect.

Please try testing the situation I described using XP Professional, Visual
Studio, IE7 in a localhost environment. See if that changes your outcome.
--
John H Clark
www.weownit.coop
"Walter Wang [MSFT]" wrote:
Hi John,

Based on my understanding, you have a virtual directory at
"/SessionManager" that is configured with AnonymousIdenti fication enabled.
However, you found that in Session_Start, Request.Anonymo usID is null. If
I've misunderstood anything, please feel free to let me know.

I've done some test on Windows Server 2003 R2 using the information from
your post, however, I found the AnonymousID is correctly set to a GUID
value (default).

Since AnonymousIdenti fication must be set at Machine.config, Root-level or
Application-level web.config, I think the setting should be honored in the
sub web.

As the documentation of AnonymousIdenti ficationModule' s event, the correct
event is Creating. The documention of AnonymousID is incorrect here. I'm
sorry for the confusion caused.

#How to: Create ASP.NET Application-Level Event Handlers
http://msdn2.microsoft.com/en-us/library/fwzzh56s.aspx
ASP.NET automatically binds application events to event-handler methods in
the Global.asax file using a naming convention of Application_eve nt, such
as Application_Beg inRequest and Application_Err or.

If you add modules to your application, the modules themselves can raise
events. The application can subscribe to in these events in the Global.asax
file by using the convention modulename_even tname. For example, to handle
the Authenticate event raised by a FormsAuthentica tionModule object, you
can create a handler named FormsAuthentica tion_Authentica te.
You will find following http modules in
%windir%\micros oft.net\framewo rk\v2.0.50727\c onfig\web.confi g:

<httpModules>
<add name="OutputCac he"
type="System.We b.Caching.Outpu tCacheModule" />
<add name="Session"
type="System.We b.SessionState. SessionStateMod ule" />
<add name="WindowsAu thentication"
type="System.We b.Security.Wind owsAuthenticati onModule" />
<add name="FormsAuth entication"
type="System.We b.Security.Form sAuthentication Module" />
<add name="PassportA uthentication"
type="System.We b.Security.Pass portAuthenticat ionModule" />
<add name="RoleManag er"
type="System.We b.Security.Role ManagerModule" />
<add name="UrlAuthor ization"
type="System.We b.Security.UrlA uthorizationMod ule" />
<add name="FileAutho rization"
type="System.We b.Security.File AuthorizationMo dule" />
<add name="Anonymous Identification"
type="System.We b.Security.Anon ymousIdentifica tionModule" />
<add name="Profile" type="System.We b.Profile.Profi leModule" />
<add name="ErrorHand lerModule"
type="System.We b.Mobile.ErrorH andlerModule, System.Web.Mobi le,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b03f5f7f11d50a3 a" />
</httpModules>
Which means you can use their events in Global.asax; and if you take a look
at AnonymousIdenti ficationModule' s events, it only has an event named
Creating.

You can use following code in global.asax to set the AnonymousID:

void AnonymousIdenti fication_Creati ng(object sender,
AnonymousIdenti ficationEventAr gs
args)
{
args.AnonymousI D = DateTime.Now.To String();
}
To debug this, make sure you've cleared IE cookies related to your web
server; you can use IECookiesView from
http://www.nirsoft.net/utils/iecookies.html to delete the cookies.
Sincerely,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 15 '06 #3
Hi John,

Make sure you've enabled "Anonymous access" in IIS for your virtual
directory.

Regards,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 16 '06 #4
Walter,

The directory runs under the control of the ASP.NET Development Server. It
doesn't appear in the IIS list of virtual directories. Its URL is
http://localhost:xxxx/SessionManager.

How do I allow anonymous access to this virtual directory?
--
John H Clark
www.weownit.coop
"Walter Wang [MSFT]" wrote:
Hi John,

Make sure you've enabled "Anonymous access" in IIS for your virtual
directory.

Regards,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 16 '06 #5
Hi John,

I'm sorry for my misunderstandin g that you're using IIS instead of the
built-in development web server.

Based on my research, to make the built-in server to accept anonymous
login, you have to use either "None" or "Forms" authentication mode in
web.config:

<system.web>
<authenticati on mode="Forms"/>
...
</system.web>
Using "Windows" authentication mode will use current windows user account
to login; thus reading Request.Anonymo usID will return null.

This is one of limitations of the built-in web server that is not
documented well. I'm sorry for the inconvenience.

The built-in web server does have many limitations when compared to IIS
server, you may find more information here:

#Web Servers in Visual Web Developer
http://msdn2.microsoft.com/en-us/lib...w5(VS.80).aspx
The ASP.NET Development Server only accepts authenticated requests on the
local computer. This requires that the server can support NTLM or Basic
authentication.

Security Context for the ASP.NET Development Server

An important difference between the ASP.NET Development Server and IIS is
the security context in which the respective servers run your ASP.NET
pages. This difference can affect your testing because of differences in
how the pages run.

When you run a page using the ASP.NET Development Server, the page runs in
the context of your current user account. For example, if you are running
as an administrator-level user, a page running in the ASP.NET Development
Server will have administrator-level privileges.
#File System Web Sites
http://msdn2.microsoft.com/en-us/lib...73(VS.80).aspx

Regards,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 17 '06 #6
Walter,

Thanks for the information.

FYI, I am using Forms authentication so the situation is not resolved by
using Forms authentication.

I will test under the IIS environment.
--
John H Clark
www.weownit.coop
"Walter Wang [MSFT]" wrote:
Hi John,

I'm sorry for my misunderstandin g that you're using IIS instead of the
built-in development web server.

Based on my research, to make the built-in server to accept anonymous
login, you have to use either "None" or "Forms" authentication mode in
web.config:

<system.web>
<authenticati on mode="Forms"/>
...
</system.web>
Using "Windows" authentication mode will use current windows user account
to login; thus reading Request.Anonymo usID will return null.

This is one of limitations of the built-in web server that is not
documented well. I'm sorry for the inconvenience.

The built-in web server does have many limitations when compared to IIS
server, you may find more information here:

#Web Servers in Visual Web Developer
http://msdn2.microsoft.com/en-us/lib...w5(VS.80).aspx
The ASP.NET Development Server only accepts authenticated requests on the
local computer. This requires that the server can support NTLM or Basic
authentication.

Security Context for the ASP.NET Development Server

An important difference between the ASP.NET Development Server and IIS is
the security context in which the respective servers run your ASP.NET
pages. This difference can affect your testing because of differences in
how the pages run.

When you run a page using the ASP.NET Development Server, the page runs in
the context of your current user account. For example, if you are running
as an administrator-level user, a page running in the ASP.NET Development
Server will have administrator-level privileges.
#File System Web Sites
http://msdn2.microsoft.com/en-us/lib...73(VS.80).aspx

Regards,
Walter Wang (wa****@online. microsoft.com, remove 'online.')
Microsoft Online Community Support

=============== =============== =============== =====
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Nov 17 '06 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1690
Setting up MySQL on Mac OS X
by: Bob Goldberg | last post by:
I'm a novice Unix user, and I can't get MySQL set up properly on my Mac. It seems to have installed OK, but when I try to run the mysql_install_ db script, I get errors. I can't set the root password either that the documentation tells me to. As background, I just want to use MySQL to work with databases and PHP and HTML to set up web pages for database input and output. I'm running MySQL on my own machine at home, and have no use for...
MySQL Database
0
7920
Setting folder permissions using VB.Net
by: Johan | last post by:
Hi I'm using WMI to set and remove folderpermissions and it sems to work fine, sometimes. I start by having the folderpermissons manuly set to Everyone and Everone has full rights. When I'm setting and removing permissons on a mapped folder in the network it works fine but when doing the same thing on a folder om my harddrive Everyone does not get removed. Does anyone have any idea how to fix this or how to set and remove...
Visual Basic .NET
3
15823
Setting up HttpListener basic authentication
by: Martin | last post by:
How does one set up basic authentication on an HttpListener? I know I need to set the HttpListener.AuthenticationSchemes to AuthenticationSchemes.Basic but then I'm unsure how and against what (users on the PC?) the Authentication is occuring. Is there a way for me to receive and control the Authentication attempt myself? This is probably obvious but I've found nothing describing it.
.NET Framework
14
33260
Possible to override static member in base class?
by: Dave Booker | last post by:
It looks like the language is trying to prevent me from doing this sort of thing. Nevertheless, the following compiles, and I'd like to know why it doesn't work the way it should: public class ComponentA { static string s_name = "I am the root class."; public string Name { get {return s_name;} } }
C# / C Sharp
1
6476
"error_reporting" setting not being recognized in my php.ini file
by: laredotornado | last post by:
Hi, I'm using PHP 4.4.4 on Apache 2 on Fedora Core 5. PHP was installed using Apache's apxs and the php library was installed to /usr/local/php. However, when I set my "error_reporting" setting to be "E_ALL", notices are still not getting reported. The perms on my file are 664, with owner root and group root. The php.ini file is located at /usr/local/lib/php/php.ini. Any ideas why the setting does not seem to be having an effect? ...
PHP
0
1192
Profile - anonymousIdentification = true kills db connection
by: tedqn | last post by:
As I attempted to use the built Profile feature to store some user info. <anonymousIdentification enabled="true" /> Whenever I set this flag, the db connection would fail, even though debug output of the db connection string in Connections config still looks fine. <add name="ConnectStr" connectionString="Data Source=webserver;
C# / C Sharp
1
2354
Changing DetailsView controls in PreRender will fails on postbacks
by: Khafancoder | last post by:
Hi guys, i'm trying to change all of page control's (root controls and inner controls) forecolor in PreRender event. it works fine but when a postback occures by detailsview command buttons, it fails... (i trace the code, it even executes in postbacks but control's forecolor don't change)
ASP.NET
6
3365
Weird. malloc() fails in spite of having enough virtual memory...
by: itsolution | last post by:
Hi folks, Could you shed some light on this issue? my program is running on Freebsd as a daemon. When user sends a request, it forks itself and lets its child process handles the request. And its main role is just to read a big xml file and save each object into its embedded DB(such as gdbm).
C / C++
1
10007
override Registry Text File Format setting for driver (CSVDelimite
by: =?Utf-8?B?UmljaA==?= | last post by:
In the Registry at HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Jet \ 4.0 \ Engines \ Text the default key for Text Format is: "Format" = "CSVDelimited" I can use the following OleDB connection string with an OleDB dataAdapter to read a comma delimited text file when "Format" = "CSVDelimited"
Visual Basic .NET
0
8370
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
8283
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
8811
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
8704
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
0
8590
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
7302
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
4147
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4291
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
2
1591
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us