– user63466 Feb 6 '09 at 20:34 I don't think you've really considered what I said, if you don't consider it a "real answer. " Geneva does what you want. – Craig Stuntz Feb 6 '09 at 21:16 Downloaded Geneva white paper.
Read it. Requires server side change = Out of my hands. Not a real solution in this case.
Not trying to hurt you ego or anything, but I need a client side solution without changing the architecture completely... Thanks! – user63466 Feb 9 '09 at 16:38.
CODE: public class MyAuthenticate : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { if (filterContext.HttpContext. Session"user" == null) { using (Authenticator dp = new Authenticator()) { MyUser mu; string data = string. Empty; try { data = filterContext.HttpContext.
Request"Data"; } catch { }; if (!string. IsNullOrEmpty(data)) { mu = dp. Redeem(data); if (mu.
Authenticated) { filterContext.HttpContext.Session.Clear(); AuthenticatedUser user = new AuthenticatedUser(mu); filterContext.HttpContext.Session. Add("user", user); FormsAuthentication. SetAuthCookie(user.
UserId, false); } else { filterContext.HttpContext.Response. Redirect("MY EXTERNAL URL GOES HERE! "); } } else { filterContext.HttpContext.Response.
Redirect("MY EXTERNAL URL GOES HERE! "); } } } base. OnActionExecuting(filterContext); } } }.
It dosen't matter if I use this code or Just set the Forms auth in the web config with an external URL - the same behavior is observed- keep getting several hits to the external url (more than 30/sec). – user63466 Feb 9 '09 at 16:46.
I resolved this issue by creating a static dictionary of requesting IPs, and dropping duplicate requests from the same IP. Not a very nice solution - so if anyone figures out a better solution - let me know.
As it turns out, the issue was with the fact that validation, depending on the content of the token, got rid of it - without any exception being throw.... :( – user63466 Feb 11 '09 at 19:57.
Our organization has a central solution for forms authentication. I am trying to implement an ASP.Net MVC app that uses this external URL - and it worked till RC! The trouble is that till I updated to RC1, this worked.
Since then, so many requests are being sent to the external URL that it detects a DoS attack and shuts me out! I removed the redirection code and replaced it with the web. Config changes for Forms Auth - and the same thing happened...
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.