473,837 Members | 1,559 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Forms Authentication Problem

I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested
page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get
it, once the user is authenticated, to redirect to the new page. It ALWAYS
refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects
the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?
Nov 17 '05 #1
11 3616
are you sure ValidUser is returning "true" ?

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested
page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get
it, once the user is authenticated, to redirect to the new page. It ALWAYS
refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the user there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects
the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?

Nov 17 '05 #2
Yes - I'm sure - absolutely positive

"Seaside" <ss@hotmail.com > wrote in message
news:ez******** ******@tk2msftn gp13.phx.gbl...
are you sure ValidUser is returning "true" ?

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the

user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?


Nov 17 '05 #3
Thanks - I checked it out - - all the code listings links don't go to the
code at all....nice article, but it doesn't tell me where my problem is.
BTW - If I remove the deny users part - - - - it bypasses the login.aspx
file altogether. I at least had that working
"S. Justin Gengo" <sj*****@aboutf ortunate.com> wrote in message
news:%2******** *******@TK2MSFT NGP12.phx.gbl.. .
Elmo,

When you use a database with forms authentication you need to remove the
deny users attribute in the web.config file. You then have to create a
method that does the validation for you.

Here's a good article about using a database with form authentication:
http://www.zdnet.com.au/builder/prog...0274191,00.htm
Sincerely,

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the

user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?


Nov 17 '05 #4
see S.Justin Gengo's reply

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:Oi******** ******@TK2MSFTN GP12.phx.gbl...
Yes - I'm sure - absolutely positive

"Seaside" <ss@hotmail.com > wrote in message
news:ez******** ******@tk2msftn gp13.phx.gbl...
are you sure ValidUser is returning "true" ?

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the
user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects the page

The machine.config points to the correct path for the

WebUIValidation .js file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I missing?



Nov 17 '05 #5
Elmo,

It may be redirecting to the page, then redirecting right back to the login
page when it's found that the user isn't authenticated.

The question will be "why isn't the user authenticated when I think he
should be?" Answers I've seen include:

1) Because the cookie is set up wrong and Forms Authentication never sees
it. Check on the domain, path and expiration of the cookie. In particular,
make sure the cookie domain matches your domain. localhost has a blank
domain, BTW.
2) Because the login page and the page you're redirecting to have different
values in the <machineKey> entry in machine.config or web.config.
3) The user _is_ authenticated, but not authorized. Maybe URL authorization
has a typo in a role name, or roles aren't being applied in global.asax.

It sounds like it's time for you to look one layer deeper. In particular,
try turning on tracing in web.config:

<trace enabled="true" requestLimit="1 00" pageOutput="fal se"
traceMode="Sort ByTime" localOnly="true " />

Then reproduce the problem and navigate to
http://localhost/yourSite/trace.axd. It may be instructive.
--
John Saunders
Internet Engineer
jo***********@s urfcontrol.com

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested
page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get
it, once the user is authenticated, to redirect to the new page. It ALWAYS
refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the user there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects
the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?

Nov 17 '05 #6
Hmmm,

That website must be having some pretty big link problems! I had bookmarked
it a long time ago. It looks like all their articles file links aren't
working.

Here's a line of code from a different article that I think pertains to you:

If blnIsAuthentica ted Then
FormsAuthentica tion.RedirectFr omLoginPage(str User,
chkPersistLogin .Checked)
End If

This article is using an xml file instead of a database to store usernames
and passwords but the concept is the same. Here's the link:
http://www.15seconds.com/issue/020305.htm

Sincerecly,
--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:eS******** ******@TK2MSFTN GP11.phx.gbl...
Thanks - I checked it out - - all the code listings links don't go to the
code at all....nice article, but it doesn't tell me where my problem is.
BTW - If I remove the deny users part - - - - it bypasses the login.aspx
file altogether. I at least had that working
"S. Justin Gengo" <sj*****@aboutf ortunate.com> wrote in message
news:%2******** *******@TK2MSFT NGP12.phx.gbl.. .
Elmo,

When you use a database with forms authentication you need to remove the
deny users attribute in the web.config file. You then have to create a
method that does the validation for you.

Here's a good article about using a database with form authentication:

http://www.zdnet.com.au/builder/prog...0274191,00.htm

Sincerely,

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the
user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects the page

The machine.config points to the correct path for the

WebUIValidation .js file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I missing?



Nov 17 '05 #7
Actually - I have had Tracing on & off several times - -
I see that the cookie is set - - but the weird thing is how it's showing - -
I went to the temporary internet files directory to watch when the cookie
shows up.

I run a page on the site in IE, get referred to the login page, login, and,
as usual, it does NOT redirect me to the original page....
Keep in mind, still no cookie in the directory -- then I close IE - - -
still no cookie.
THEN - when I start IE AGAIN, only going to its default page - - the cookie
shows up in the directory - - I don't get how this behavior works, at all.

Still - the same login scenario happens - - no redirect.

You said:
Maybe URL authorization has a typo in a role name, or roles aren't being
applied in global.asax.

I don't have any roles in play here - this scenario, at this point is
supposed to check against a database table for authorization - - if
there - - validuser is true, else it's false
if it's true, I have it set like this:
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) and again -
here's where it doesn't work. It DOES, however, set the cookie, named the
same as in the web.config file.

Anything else?? Nothing shows up as

"John Saunders" <jo***********@ surfcontrol.com > wrote in message
news:OL******** ******@TK2MSFTN GP11.phx.gbl...
Elmo,

It may be redirecting to the page, then redirecting right back to the login page when it's found that the user isn't authenticated.

The question will be "why isn't the user authenticated when I think he
should be?" Answers I've seen include:

1) Because the cookie is set up wrong and Forms Authentication never sees
it. Check on the domain, path and expiration of the cookie. In particular,
make sure the cookie domain matches your domain. localhost has a blank
domain, BTW.
2) Because the login page and the page you're redirecting to have different values in the <machineKey> entry in machine.config or web.config.
3) The user _is_ authenticated, but not authorized. Maybe URL authorization has a typo in a role name, or roles aren't being applied in global.asax.

It sounds like it's time for you to look one layer deeper. In particular,
try turning on tracing in web.config:

<trace enabled="true" requestLimit="1 00" pageOutput="fal se"
traceMode="Sort ByTime" localOnly="true " />

Then reproduce the problem and navigate to
http://localhost/yourSite/trace.axd. It may be instructive.
--
John Saunders
Internet Engineer
jo***********@s urfcontrol.com

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any

requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate the

user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never redirects the page

The machine.config points to the correct path for the WebUIValidation .js
file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I
missing?


Nov 17 '05 #8
Yeah - - that's what I'm using exactly - - that's what doesn't work
correctly
I'm totally lost here......I guess I'll just have to roll my own
authentication system - - I've been at this over a week and I could have had
it all done, if I had manually created it.

Thanks for the help - - if you think of something else - - - post back,
please.

"S. Justin Gengo" <sj*****@aboutf ortunate.com> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
Hmmm,

That website must be having some pretty big link problems! I had bookmarked it a long time ago. It looks like all their articles file links aren't
working.

Here's a line of code from a different article that I think pertains to you:
If blnIsAuthentica ted Then
FormsAuthentica tion.RedirectFr omLoginPage(str User,
chkPersistLogin .Checked)
End If

This article is using an xml file instead of a database to store usernames
and passwords but the concept is the same. Here's the link:
http://www.15seconds.com/issue/020305.htm

Sincerecly,
--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:eS******** ******@TK2MSFTN GP11.phx.gbl...
Thanks - I checked it out - - all the code listings links don't go to the
code at all....nice article, but it doesn't tell me where my problem is.
BTW - If I remove the deny users part - - - - it bypasses the login.aspx file altogether. I at least had that working
"S. Justin Gengo" <sj*****@aboutf ortunate.com> wrote in message
news:%2******** *******@TK2MSFT NGP12.phx.gbl.. .
Elmo,

When you use a database with forms authentication you need to remove the deny users attribute in the web.config file. You then have to create a
method that does the validation for you.

Here's a good article about using a database with form authentication:

http://www.zdnet.com.au/builder/prog...0274191,00.htm

Sincerely,

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
> I tried on the Security newgroup, as well as other places, and haven't > gotten an answer yet - - I'm pulling my hair out over this one.
>
> I'm trying to get Forms Authentication working.....I can get any

requested
> page to automatically go to the Login.aspx page, AND, the ReturnURL
> querystring is correct in the address bar, but no matter what, I can't
get
> it, once the user is authenticated, to redirect to the new page. It

ALWAYS
> refreshes the Login.aspx page!
>
> My database has all the users - - I query the database and validate the user
> there. This part works - - I've totally verified this.
> Then - - I've got this:
> if ValidUser="True " then
> FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
> <-------this is the part that DOES NOT work at all - - it never

redirects
> the page
>
> The machine.config points to the correct path for the WebUIValidation .js > file....I'm using MSIE, as are all the other users who are going to
be > hitting this app. - - Scripting is allowed.
>
> in the Web.Config, I've got:
> <authenticati on mode="Forms">
> <forms name=".MyApp"
> loginUrl="login .aspx"
> protection="All "
> timeout="480"
> path="/"
> />
> </authentication>
> <authorizatio n>
> <deny users ="?" />
> </authorization>
> And I'm importing the Web.Security Namespace on each page.
> Does Each subsequent page need anything else in it to make this work? > Please help - - I've been working on this for over a week now! What

am I > missing?
>
>



Nov 17 '05 #9
Elmo,

Let's be sure we understand each other. Here's a sequence of events to
reproduce:

1) Close _all_ of your browsers
2) Start up IE (preferably with your home page set to about:blank).
3) Navigate to a page which requires you to be authenticated
4) You should be redirected to the login page
5) Check for the cookie it should be absent.
6) Log in. It should attempt to redirect you to the original page.
7) Whether or not it redirected you, check for the cookie again. If it's
there, post the details, in particular, the path, domain and expiration.

BTW, I don't know how you're seeing the cookie at all. Session cookies
aren't displayed in IE's "View Files" dialog. You'd do better to use a tool
like ProxyTrace from http://pocketsoap.com, which will allow you to see the
actual Set-Cookie header(s).
--
John Saunders
Internet Engineer
jo***********@s urfcontrol.com
"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:eX******** ******@TK2MSFTN GP10.phx.gbl...
Actually - I have had Tracing on & off several times - -
I see that the cookie is set - - but the weird thing is how it's showing - - I went to the temporary internet files directory to watch when the cookie
shows up.

I run a page on the site in IE, get referred to the login page, login, and, as usual, it does NOT redirect me to the original page....
Keep in mind, still no cookie in the directory -- then I close IE - - -
still no cookie.
THEN - when I start IE AGAIN, only going to its default page - - the cookie shows up in the directory - - I don't get how this behavior works, at all.
Still - the same login scenario happens - - no redirect.

You said:
>Maybe URL authorization has a typo in a role name, or roles aren't being
applied in global.asax.

I don't have any roles in play here - this scenario, at this point is
supposed to check against a database table for authorization - - if
there - - validuser is true, else it's false
if it's true, I have it set like this:
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) and again -
here's where it doesn't work. It DOES, however, set the cookie, named the
same as in the web.config file.

Anything else?? Nothing shows up as

"John Saunders" <jo***********@ surfcontrol.com > wrote in message
news:OL******** ******@TK2MSFTN GP11.phx.gbl...
Elmo,

It may be redirecting to the page, then redirecting right back to the

login
page when it's found that the user isn't authenticated.

The question will be "why isn't the user authenticated when I think he
should be?" Answers I've seen include:

1) Because the cookie is set up wrong and Forms Authentication never sees
it. Check on the domain, path and expiration of the cookie. In particular, make sure the cookie domain matches your domain. localhost has a blank
domain, BTW.
2) Because the login page and the page you're redirecting to have

different
values in the <machineKey> entry in machine.config or web.config.
3) The user _is_ authenticated, but not authorized. Maybe URL

authorization
has a typo in a role name, or roles aren't being applied in global.asax.

It sounds like it's time for you to look one layer deeper. In particular, try turning on tracing in web.config:

<trace enabled="true" requestLimit="1 00" pageOutput="fal se"
traceMode="Sort ByTime" localOnly="true " />

Then reproduce the problem and navigate to
http://localhost/yourSite/trace.axd. It may be instructive.
--
John Saunders
Internet Engineer
jo***********@s urfcontrol.com

"ElmoWatson " <sp**********@y ahoo.com> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. ..
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.

I'm trying to get Forms Authentication working.....I can get any requested page to automatically go to the Login.aspx page, AND, the ReturnURL
querystring is correct in the address bar, but no matter what, I can't get it, once the user is authenticated, to redirect to the new page. It ALWAYS refreshes the Login.aspx page!

My database has all the users - - I query the database and validate
the user
there. This part works - - I've totally verified this.
Then - - I've got this:
if ValidUser="True " then
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '
<-------this is the part that DOES NOT work at all - - it never

redirects the page

The machine.config points to the correct path for the

WebUIValidation .js file....I'm using MSIE, as are all the other users who are going to be
hitting this app. - - Scripting is allowed.

in the Web.Config, I've got:
<authenticati on mode="Forms">
<forms name=".MyApp"
loginUrl="login .aspx"
protection="All "
timeout="480"
path="/"
/>
</authentication>
<authorizatio n>
<deny users ="?" />
</authorization>
And I'm importing the Web.Security Namespace on each page.
Does Each subsequent page need anything else in it to make this work?
Please help - - I've been working on this for over a week now! What am I missing?



Nov 17 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
4850
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms Authentication set up and it worked just fine. Then I realized that I needed to have some pages unsecure. I then created 2 directories. One named Secure and the other named Public. I placed my web.config file in my
2
1732
by: Senthil | last post by:
1. Created a new C# web application project 2. Change the name of webform1 to login.aspx 3. And in the .cs file change the name of the class to login, and include System.web.security namespace. 4. Place a textbox and a button in the login.aspx form. 5. Have the following code in the button click event. if (true) { FormsAuthentication.RedirectFromLoginPage(TextBox1.Text, false)
4
2751
by: Greg Burns | last post by:
I have built a web app that uses forms authentication. There isn't a "remember me" feature (i.e. the authentication cookie is not permanent). When you close the browser, and open a new one, you must log in again. This is the behavior I expected. I just discovered that if I have a browser window open (to anything) prior to opening my web app in a new browser window, it appears to share session information. I can then open and close my...
3
4876
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be protected by forms authentication. When I create forms authentication at root level it works but when I move my code up to the subfolder I get this error: Server Error in '/TestProjects/FormsAuthenticationTestingArea' Application.
9
4641
by: Hermit Dave | last post by:
Hi, I am making a web application (rather two applications) one which is host and used by customers when they are just browsing through products. The second application resides on a secure server. This is going to hold all account related information for the customers and will also be used for admin The login is implemented using forms authentication and i was just reading up about that... but as everyone already knows.... its all...
1
3520
by: Rob | last post by:
I have an ASP.NET application that uses forms-based authentication. A user wishes to be able to run multiple sessions of this application simultaneously from the user's client machine. The web.config file is configured as such: <authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" name="myApplication"/> </authentication>
5
2882
by: Gavin Stevens | last post by:
I'm trying to figure out the ASP.NET Forms Auth I have 3 or 4 pages i want to allow anonymous access to.. Then I have 5 or 6 pages I placed in another directory in the webproject. These I want to manually authenticate users to provide acess My project has 2 web.config files... the default file <authentication mode="Forms"><forms loginUrl="Login.aspx" protection="All" timeout="30"...
7
2051
by: Justin | last post by:
I am trying to password protect a subdirectory using forms authentication. I am using the "Location" tag to specify the directory to be protected. The login.aspx page is in the root directory of the app. Here is the web.config: <location path="Admin"> <system.web> <authentication mode="Forms"> <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30"> <credentials passwordFormat="Clear"> <user name="Admin"...
1
6457
by: n33470 | last post by:
Hi all, We have an asp.net 1.1 app that we're in the process of converting to 2.0. What I'm about to describe runs just great in the 1.1 framework, but does not work in the 2.0 framework. This app uses forms authentication and denies all unauthenticated users. There is a location override in the web.config so that we can open up a directory for unauthenticated users to create a login account. There is only 1 web.config in the...
4
424
by: =?Utf-8?B?R3V1czEyMw==?= | last post by:
Hi, I created a web site on a remote server. To logon the user must enter a user id and password. The site is uses Forms Authentication. The web config file looks as follows: <configuration> <system.web> <customErrors mode="Off"/>
0
9835
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, weíll explore What is ONU, What Is Router, ONU & Routerís main usage, and What is the difference between ONU and Router. Letís take a closer look ! Part I. Meaning of...
0
9682
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
10870
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
6996
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5667
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
0
5843
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
4469
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
4036
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3122
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.