I've been trying to work out authenticating users into my app, which is running inside a MS Teams Tab application, and I'm having issues in mobile.
To authorize requests in the application, we just need to have a cookie in place that the server sets when the user authenticates. So for this to work inside Microsoft Teams, I've been trying to just send the token to the iframe and set the cookie. Everything works pretty well on web and desktop, but on mobile (I've tested only with iOS so cannot really tell about Android), the cookie doesn't work at all.
I've tried to set some test cookies and read them, and it doesn't work. So my question is if there is a way to work with cookies in mobile? Is it an issue on my end or has it been disabled in the web view that loads the tab? Is there a way around it or any suggestion that would help solve my problem?
Thanks for the help!
I am facing very interesting issue and I am not sure what can cause this. I am using SSO SAML for authentication to the system and IE11 as the browser to access the application. After some time (e.g. 5 min) the session terminates and it is renewed and it is a background process. Somehow only in IE, the session is not renewed until I maximize the browser and do some user action (after that it works). Other browsers are not affected and everything works in background properly. Do anyone know what can cause the issue in IE that the browser needs to user action?
I have this website that I developed. It is acting weird. I logged onto it and now it seems that I can't logout of it. It has session which I don't know how it can still maintain after logging out and also in different browsers and even in incognito.
The weirdest thing is that if you open it in your browser you get same session state. You can't do anything with it. But it is jut there.
What is going on?
Go to this page, it shows some user logged in. click Add and it asks for credentials again. Like an endless loop.
http://krninstitute.com/krnitech/Forms
Then go to this page, it shows other user logged in. Go to the end of the page.
http://krninstitute.com/krnitech/Gallery
This question requires these external links.
But here are images just in case:
Edit 1:
What is causing every request to end up with session cookie? I don't have any cache implemented. Does it have something to do with recent GoDaddy crash?
Edit 2:
Questions are 1. how can you see who is logged in on the application? I haven't implemented such functionality. And 2. how there are two people logged on from same browser window?
Session and Authentication are two different things. When you use FormsAuthentication to login and logout, it does not change the session. You must abandon the session in addition to logging out to do that.
Session.Abandon();
Be aware that the session will still be there until the end of the request, so you should probably immediately redirect to a default page afterwards.
We have a client that wants to lock down thier pc's to only use our web application.
So I've enabled content advisor to only access this site. However it seems to lose the login session and keeps throwing the user back to the login screen. When I disable content advisor the app runs as it should.
Has anybody exprecienced this before, and can anybody help me solve this.
The pcs are Windows XP using ie8
Cheers
I've had Windows Authentication setup on an area of our website for some time now, and it has worked flawlessly so far.
Recently, the login prompt stopped appearing and went straight to "Page cannot be displayed" for some reason.
While connected to our network, the page works fine.
Outside our network, users are supposed to receive a login prompt but they now do not, instead receiving the "page cannot be displayed" error.
Why would this suddenly occur, and how is it fixed? I have tried removing the virtual directory and re-adding it but nothing seems to work.
The strange thing is this is only happening in IE - Google Chrome works fine (I receive the login prompt).
Is there a setting or something inside of IIS that disables this login prompt or something? It is strange it is an IE specific issue as well - there were no changes to the state of IE from one day when it was working to the next where it wasn't.
Anyone have ideas on what might be causing this?
Thanks
Oddly enough, I'd wonder why you were getting the login prompt before now.
If you're logged in to Windows and the site you're browsing to uses Windows Auth, IE will automatically try to pass the logged in user's credentials to the site (this all depends on your domain configuration/trust setup...something may have changed with those settings at the domain level that changed the behavior of your IE).
Chrome/Firefox/Safari don't have this functionality, which is why you're still getting a login prompt.
There is a checkbox in internet options->advanced tab to enable/disable Windows Authentication, but you said that there were no changes. Either way it is something to check.
It sounds like you are hitting a security setting in IE.
IE stops windows authentication information from being sent to sites that you do not trust.
You could try adding the site to your list of trusted sites.
You can start by taking a network trace both Internally and Externally, reproduce the issue and see if the request actually reaches the web server. Also, check the IIS logfile for the "Page Cannot Be Displayed" response.
Let me know if that helps or if you have more questions.
Regards,
Vivek.
You need to take a network capture (www.fiddlercap.com) to get any real help with this.
IE supports the "Negotiate" protocol in addition to NTLM; Chrome and other browsers typically only support NTLM.