ASP.NET Authentication over 3 sites on same domain - forms

I need a Form authentication over 3 Sites (login.mydomain.com, www.mydomain.com and admin.mydomain.com). Users are from a MSSQL-DB, but I don't think that's a problem.
I've set up my web.config as described here: http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx , but it doesn't work.
My code for the login:
string RoleString = string.Empty;
RoleString = user.Gruppe.Bezeichnung;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.Username, DateTime.Now, DateTime.Now.AddMinutes(2), false, user.Gruppe.name, FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
cookie.Name = "UserCookie";
cookie.Domain = ".mydomain.com";
Response.Cookies.Add(cookie);
Response.Redirect("http://www.mydomain.com/Default.aspx");
What could be the problem? I tried with machine key in webconfig, but that gave me an error with the Viewstate of the MAC...

Related

How do I use the ComponentSpace library to programmatically update cached X509 certificate files when I update SAMLController.Configurations

Good day All,
I am using ComponentSpace as a Service Provider to establish SAML2 Single Sign On to my for my clients. The clients use their own identity providers to authenticate and gain access to my MVC5 web application. The issue I am having is that when a client wants to update their X509 certificate files I update the physical files dynamically, but I have to do an IIS reset to get the new certificate files to be used. How can I avoid having to do an IIS reset and get ComponentSpace to use the new X509 certificate files when authenticating. An example of my code is below.
var samlConfiguration = new
ComponentSpace.SAML2.Configuration.SAMLConfiguration();
var ssoUrl = "https://www.ssoUrl/Consumer";
var ssoName ="https://www.ssoName";
var localServiceProviderConfiguration = new LocalServiceProviderConfiguration()
{
Name = ssoName,
AssertionConsumerServiceUrl = ssoUrl
};
samlConfiguration.LocalServiceProviderConfiguration = localServiceProviderConfiguration ;
var certNamePrimary = ConfigurationManager.AppSettings["Certificate_Path"] + "cert-A.cer";
var certNameSecondary = ConfigurationManager.AppSettings["Certificate_Path"] + "cert-B.cer";
var partnerIdentityProviderConfiguration = new
ComponentSpace.SAML2.Configuration.PartnerIdentityProviderConfiguration()
{
Name = clientConfig.PartnerIdPName,
SingleSignOnServiceUrl = clientConfig.IdPSingleSignOnServiceURL,
SignAuthnRequest = false,
WantSAMLResponseSigned = false,
WantAssertionEncrypted = false,
WantAssertionSigned = true,
PartnerCertificateFile = certNamePrimary ,
SecondaryPartnerCertificateFile = certNameSecondary
};
samlConfiguration.PartnerIdentityProviderConfigurations.AddPartnerIdentityProvider(partnerIdentityProviderConfiguration );
if (ComponentSpace.SAML2.SAMLController.Configurations.Keys.Contains(ssoUrl))
{
ComponentSpace.SAML2.SAMLController.Configurations.Remove(ssoUrl);
ComponentSpace.SAML2.SAMLController.Configurations.Add(ssoUrl, samlConfiguration);
}
else
ComponentSpace.SAML2.SAMLController.Configurations.Add(ssoUrl, samlConfiguration);
ComponentSpace.SAML2.SAMLController.ConfigurationID = ssoUrl;
SAMLServiceProvider.InitiateSSO(Response, null, "http://company.com/adfs/services/trust");

401 when adding customer with QB Online API v3

I keep getting a 401 when I try to add a customer with QB Online API v3. The xml works in the API Explorer, and I'm able to query customers from my program. I just can't POST. What am I doing wrong?
string reqBody = "<Customer xmlns=\"http://schema.intuit.com/finance/v3\" domain=\"QBO\" sparse=\"false\"><DisplayName>Empire Records</DisplayName>"
+ "<BillAddr><Line1>201 S King St</Line1><City>Seattle</City><CountrySubDivisionCode>WA</CountrySubDivisionCode><PostalCode>98104</PostalCode></BillAddr>"
+ "<PrimaryPhone><FreeFormNumber>425-867-5309</FreeFormNumber></PrimaryPhone><PrimaryEmailAddr><Address>helpme#thefly.con</Address></PrimaryEmailAddr></Customer>";
IConsumerRequest req = session.Request();
req = req.Post().WithRawContentType("application/xml").WithRawContent(System.Text.Encoding.ASCII.GetBytes(reqBody));
req.AcceptsType = "application/xml";
string response = req.Post().ForUrl("https://quickbooks.api.intuit.com/v3/company/" + realmID + "/customer").ToString()
OAuthConsumerContext consumerContext1 = new OAuthConsumerContext
{
ConsumerKey = ConfigurationManager.AppSettings["consumerKey"].ToString(),
SignatureMethod = SignatureMethod.HmacSha1,
ConsumerSecret = ConfigurationManager.AppSettings["consumerSecret"].ToString()
};
OAuthSession oSession1 = new OAuthSession(consumerContext1, "https://oauth.intuit.com/oauth/v1/get_request_token",
"https://workplace.intuit.com/Connect/Begin",
"https://oauth.intuit.com/oauth/v1/get_access_token");
oSession1.ConsumerContext.UseHeaderForOAuthParameters = true;

Classic ASP emails not working with Outlook SMTP relay

I am trying to get the classic ASP page working with Outlook (Microsoft Web Email) SMTP relay. I am getting the following error :
CDO.Message.1 error '80040213'
The transport failed to connect to the server.
My code looks like
dim objEmail
Set objEmail = Server.CreateObject("cdo.message")
objEmail.To = list
objEmail.From = "xyz#abc.com"
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = smtpServer
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = username
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = password
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = 1
objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 587
objEmail.Configuration.Fields.Update
objEmail.Send
I tested with GMAIL and this thing snippet works fine with it. I guess I am missing something in configuration of Outlook SMTP
Here is an example that does work. Make sure that the account you use has a mailbox, and the from adress is indeed the account adress.
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;
var msg = new MailMessage();
msg.Subject = "Hello";
msg.Body = "Hello Sir";
msg.From = new MailAddress("no.reply#contoso.com");
msg.To.Add("user#contoso.com");
var client = new SmtpClient("smtp.outlook.office365.com");
client.Port = 587;
client.Credentials = new NetworkCredential("no.reply#contoso.com", "******");
client.EnableSsl = true;
client.Send(msg);

InvalidTokenException was unhandled by user code - "Unauthorized"

This is my code:
string accessToken = "##";
string accessTokenSecret = "##";
string consumerKey = "##";
string consumerSecret = "##";
string appToken = "##";
string realmId = "##"; //company id in quickbooks online
OAuthRequestValidator oauthValidator = new OAuthRequestValidator(accessToken, accessTokenSecret, consumerKey, consumerSecret);
ServiceContext context = new ServiceContext(oauthValidator, appToken, realmId, IntuitServicesType.QBO);
I am receiving: InvalidTokenException was unhandled by user code - {"Unauthorized"}
in the creating the new ServiceContext line. Not sure what the problem is.
Thanks for any help provided.
This error message:
InvalidTokenException was unhandled by user code - {"Unauthorized"}
Occurs when the OAuth tokens you're using are no longer valid.
I would double-check that:
You're using a valid set of OAuth tokens that you got from Intuit
The tokens are not expired (the Developer Playground tokens are very
short lived, longer-lived 6-month tokens are available if you set up
your own actual OAuth endpoint)
Here is Intuit's documentation for setting up your own OAuth endpoint:
http://docs.developer.intuit.com/0025_Intuit_Anywhere/0010_Getting_Started/0020_Connect/0010_From_Within_Your_App/Implement_OAuth_in_Your_App

The request was aborted: Could not create SSL/TLS secure channel.

I want to implement Paypal dodirect method for user can do payment directly on my website instead of redirecting to user
so for that i have added this URL as https://www.sandbox.paypal.com/wsdl/PayPalSvc.wsdl
and i am using following code
PayPalAPIAAInterfaceClient objpaypalapiaainterfaceclient = new PayPalAPIAAInterfaceClient("paypalapiaa");
CustomSecurityHeaderType objcustomsecurityheadertype = new CustomSecurityHeaderType();
objcustomsecurityheadertype.Credentials = new UserIdPasswordType();
objcustomsecurityheadertype.Credentials.Signature = "a8ft-8ji.2tzocnfshfjj4ahgxn4avlxzply8bmsbupxafkbty2--c6p";
objcustomsecurityheadertype.Credentials.Username = "fred_1350925179_biz_api1.gmail.com";
objcustomsecurityheadertype.Credentials.Password = "1350925199";
DoDirectPaymentReq objdodirectpaymentreq = new DoDirectPaymentReq();
objdodirectpaymentreq.DoDirectPaymentRequest = new DoDirectPaymentRequestType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails = new DoDirectPaymentRequestDetailsType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentAction = new PaymentActionCodeType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentAction = PaymentActionCodeType.Sale;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails = new PaymentDetailsType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard = new CreditCardDetailsType();
//objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.InvoiceID = "1";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.IPAddress = Request.ServerVariables["remote_addr"].ToString();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.MasterCard;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal = new BasicAmountType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner = new PayerInfoType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName = new PersonNameType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.currencyID = CurrencyCodeType.USD;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address = new AddressType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.Value = "120";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CreditCardNumber ="1111222233334444";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CVV2 = "258";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.ExpMonth = 9;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.ExpYear = 2013;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Payer = "rahularyansharma#gmail.com";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.FirstName = "Shakti";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.LastName = "Kapoor";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Street1 ="test address";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.CityName = "Atlanta";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.StateOrProvince = "ga";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Country = CountryCodeType.US;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.PostalCode = "12345";
DoDirectPaymentResponseType objdodirectpaymentresponsetype = objpaypalapiaainterfaceclient.DoDirectPayment(ref objcustomsecurityheadertype, objdodirectpaymentreq);
now when i am run this code throwing followin exception
'
The request was aborted: Could not create SSL/TLS secure channel.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
You can confirm the SSL protocol for https://www.sandbox.paypal.com, using https://www.ssllabs.com/ssltest. The screenshot shows that it supports TLS 1.2 You will need to add the following two lines to your code at the point of making httpclient call:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Sample:
The implementation should solve the problem.
Sorry, i cannot add this as a comment/question.
It seems like one of certificates for paypal is not in the trusted list.
Can you try download paypal root certificate and install it as trusted CA?
I think this two links can help you:
https://www.sslshopper.com/ssl-certificate-not-trusted-error.html
and
http://raysilvadotnet.wordpress.com/2014/02/13/problema-system-net-webexception-the-request-was-aborted-could-not-create-ssltls-secure-channel/
(sorry, cannot insert more than 2 links as normal links)
Also, please make sure you authenticating via login/password not certificate. If you are using certificate for API, you should follow last paragraph of this link