Hi All -
I'm an MCAD and I've got a real head-scratcher here.
I've created a ASP.NET Web Application for a client that
essentially is a wrapper for SQL Reporting Services (they wanted a
custom security model). The application uses ASP.NET 2.0 and forms
authentication to lock down the site. I've used Forms Authentication in
the past and have never had the problem I'm about to describe.
The site works perfectly on my development machine, but after
uploading it to the server, the server completely ignores the forms
authentication, allowing anyone to access any page in the site. The
site works otherwise exactly as it should--no code errors, nothing.
Here is the pertinent information about the server:
Windows 2003 Server
ASP.NET 1.1 is used by default
ASP.NET 2.0 is installed and functional for this application
It has SQL Reporting Services 2005 and Great Plains Portal
installed (which uses Sharepoint--I have already excluded the
application path using stsadm)
From the logon script, the page does the correct database check
and sets the cookie, however, somehow the user is never actually logged
on. I have a logonview control in the master page file and the loggedon
template never appears, but I am given access to the full site.
Accessing a locked-down page without logging on is granted, as if
the web config files weren't set correctly, but I have a web config
file inside each folder preventing anonymous users.
Any Ideas?
-Mark
5  1558 
What do you mean...asp.net 1.1 is used by default? I think that you
must set IIS to run asp.net 2.0 (and then reboot afterwards) before
your app can run properly. Folks, feel free to correct me if I am
wrong...
Mark Milley wrote: Hi All -
I'm an MCAD and I've got a real head-scratcher here.
I've created a ASP.NET Web Application for a client that
essentially is a wrapper for SQL Reporting Services (they wanted a
custom security model). The application uses ASP.NET 2.0 and forms
authentication to lock down the site. I've used Forms Authentication in
the past and have never had the problem I'm about to describe.
The site works perfectly on my development machine, but after
uploading it to the server, the server completely ignores the forms
authentication, allowing anyone to access any page in the site. The
site works otherwise exactly as it should--no code errors, nothing.
Here is the pertinent information about the server:
Windows 2003 Server
ASP.NET 1.1 is used by default
ASP.NET 2.0 is installed and functional for this application
It has SQL Reporting Services 2005 and Great Plains Portal
installed (which uses Sharepoint--I have already excluded the
application path using stsadm)
From the logon script, the page does the correct database check
and sets the cookie, however, somehow the user is never actually logged
on. I have a logonview control in the master page file and the loggedon
template never appears, but I am given access to the full site.
Accessing a locked-down page without logging on is granted, as if
the web config files weren't set correctly, but I have a web config
file inside each folder preventing anonymous users.
Any Ideas?
-Mark
No, you CAN have mutiple instance of the framework being used by IIS.
After installing the .NET Framework 2.0, you simply use
C:\WINDOWS\Micr osoft.NET\Frame work\v2.0.xxxx\ aspnet_regiis -i on a
particular virutal directory to install ASP.NET 2.0 to that folder, or,
you can install ASP.NET to the entire server (by not specifying a
path).
You can also do the opposite; if you have installed ASP.NET 2.0 to the
root (with recursion), you can specify asp.net 1.1 to a virtual
directory by using the aspnet_regiis in the v1.1.xxxx folder.
Thanks...
Further Wierdness...
....It's not even sending the forms auth cookie to my browser. WTF???
Okay, this looks like some kind of bug. My best guess is that great
plains portal/sharepoint may be the culprit.
After I moved the application into it's own web site (instead of a web
application under the root) everything worked beautifully.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: tommy |
last post by:
hello everbody,
i write a little asp-application with forms-authentication.
i copy my aspx-files with web.config to my webspace and i get the
error above...
i tried to set the custom-errors-tag ="off"
but nothing happens....
what is my failure????
|
by: Ed |
last post by:
Hi
I currently have an asp.NET project. I'm using Access 2003 and forms authentication to authenticate users. Can anyone tell me how to set the roles in asp.NET so that it recognizes them? The logging in portion of my code works...What I need to know is how to allow access to certain pages to users with an administrator role while blocking access to regular users. My database has 3 columns, username, password, and roles. It is the last...
|
by: Tessa |
last post by:
Is there any security reason why you cannot print to a network printer from
ASP.NET under IIS6 on Windows 2003 server?
I'm using ASP.NET code to print to a server print queue using
PrintDocument.Print()
(.NET framework v 1.1)
I can print to a local printer plugged into LPT1 on the web server, but not
to a network printer.
The same printing code to a network printer works in a .NET web app when
|
by: pberna |
last post by:
Dear all,
I built a Web Form application to start and stop a Windows Service remotely.
I successful tested the application on Windows 2000 server + IIS. I must
include the ASPNET user
to the Administration group (on server side) to have the necessary
authorization to start a Windows Service (I don't understand why "Power
User" rights are not enough to do the same thing)
Although I'm able to start a service using windows 2000 server...
|
by: Marty |
last post by:
Something strange is happening on my web site since my hosting provider
upgraded to Server 2003 a few weeks ago.
I use forms authentication in my asp.net application, with essentially
the following c# code-behind on my login page:
If (FormsAuthentication.Authenticate(UserName.Text, UserPass.Text))
FormsAuthentication.RedirectFromLoginPage(UserName.Text, true);
Note that the createPersistentCookie parameter is set to true.
| | |
by: Joergen Bech |
last post by:
Fairly new to ASP.NET 1.1. Getting the error below when running
application on a web server outside of my control, but only the first
time I run it:
1. After a long period of inactivity (or updating the code-behind dll)
accessing any aspx page in the application causes the application
to run for the first time. Some of the initialization involves
reading and writing some text and xml files using simple streamreader
and streamwriter...
|
by: JayD |
last post by:
(Not sure whether it is a general aspnet problem or a specific security
problem, hence posting it in 2 groups).
This will solve for us a number of problems. I have developed a website on my
local machine (part of a LAN) using Visual Web Developer, with ASP.NET 2.0.
Backend is a SQL Server 2000 database. All queries and webforms work
beautifully on my local machine (file system web project).
However, when I copy this website to a...
|
by: Marc |
last post by:
Hi,
The last week I just started using C# to build an asp.net app.
Using IIS 5.1 locally is not a problem but I'm wondering what the long term
cost will be when I host my own website.
Questions:
1) What is the minimal edition of Windows Server 2003 that I have to
purchase to be able to use IIS 6.0 with at least 20 concurrent connections?
|
by: Jarf |
last post by:
I have and ASP.Net 2.0 application I've set the session state to use
SQL Server and I modified the Timeout setting to be 60 minutes.
However, my session is still expiring in 20 minutes. Looking in the
database this is the value for all sessions. The session settings look
as follows:
<sessionState mode="SQLServer" sqlConnectionString="data
source=servername;User ID=user;Password=password;" timeout="60">
</sessionState>
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
