Hi,
I defined roles in order to deny access for some pages to anonymous users.
I tested it by typing the url of a denied page to test the system
( http://denypage.aspx).
It works (access denied), and i'm automatically redirected to the login.aspx
file that is defined in the root of the application.
Now i wonder how asp.net knows where the file containing the login control
is. I tried this:
- changing the location of file login.aspx (putting it into a subdir)
- changing the name of login.aspx to login2.aspx
In both cases, when trying to access a denied file, i get the error:"The
resource cannot be found: /app_name/login.aspx .
May i conclude that file "login.aspx " always MUST be in the root of the
application and that its name MUST be 'login.aspx'?
Thanks 4  1351 
I take you you're using Forms Authentication. In which case, you will have
something like this in your Web.config file:
<authenticati on mode="Forms">
<forms loginUrl="Login .aspx" name="adAuthCoo kie" timeout="10" path="/">
</forms>
</authentication>
It is the name in the <formselement LoginUrl attribute that determines
where the user is redirected (if I understand correctly).
HTH
Peter
"Ben" <bn*@mail.dewro te in message
news:u7******** ******@TK2MSFTN GP03.phx.gbl...
Hi,
I defined roles in order to deny access for some pages to anonymous users.
I tested it by typing the url of a denied page to test the system
(http://denypage.aspx).
It works (access denied), and i'm automatically redirected to the
login.aspx file that is defined in the root of the application.
Now i wonder how asp.net knows where the file containing the login control
is. I tried this:
- changing the location of file login.aspx (putting it into a subdir)
- changing the name of login.aspx to login2.aspx
In both cases, when trying to access a denied file, i get the error:"The
resource cannot be found: /app_name/login.aspx .
May i conclude that file "login.aspx " always MUST be in the root of the
application and that its name MUST be 'login.aspx'?
Thanks
Hi, thanks for replying.
All i have about authentificatio n in web.config is:
<authenticati on mode="Forms"/>
Maybe are in that case (when nothing is specified) the default values for
the location the root and for the name of the file 'login.aspx'?
"Peter Bradley" <pb******@uwic. ac.ukschreef in bericht
news:u0******** ******@TK2MSFTN GP03.phx.gbl...
>I take you you're using Forms Authentication. In which case, you will have
something like this in your Web.config file:
<authenticati on mode="Forms">
<forms loginUrl="Login .aspx" name="adAuthCoo kie" timeout="10" path="/">
</forms>
</authentication>
It is the name in the <formselement LoginUrl attribute that determines
where the user is redirected (if I understand correctly).
HTH
Peter
"Ben" <bn*@mail.dewro te in message
news:u7******** ******@TK2MSFTN GP03.phx.gbl...
>Hi,
I defined roles in order to deny access for some pages to anonymous
users.
I tested it by typing the url of a denied page to test the system
(http://denypage.aspx).
It works (access denied), and i'm automatically redirected to the
login.aspx file that is defined in the root of the application.
Now i wonder how asp.net knows where the file containing the login
control is. I tried this:
- changing the location of file login.aspx (putting it into a subdir)
- changing the name of login.aspx to login2.aspx
In both cases, when trying to access a denied file, i get the error:"The
resource cannot be found: /app_name/login.aspx .
May i conclude that file "login.aspx " always MUST be in the root of the
application and that its name MUST be 'login.aspx'?
Thanks
yep "~/login.aspx" is the default value...
-----
Dominick Baier ( http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications ( http://www.microsoft.com/mspress/books/9989.asp)
Hi, thanks for replying.
All i have about authentificatio n in web.config is:
<authenticati on mode="Forms"/>
Maybe are in that case (when nothing is specified) the default values
for
the location the root and for the name of the file 'login.aspx'?
"Peter Bradley" <pb******@uwic. ac.ukschreef in bericht
news:u0******** ******@TK2MSFTN GP03.phx.gbl...
>I take you you're using Forms Authentication. In which case, you
will have something like this in your Web.config file:
<authenticatio n mode="Forms">
<forms loginUrl="Login .aspx" name="adAuthCoo kie" timeout="10"
path="/">
</forms>
</authentication>
It is the name in the <formselement LoginUrl attribute that
determines where the user is redirected (if I understand correctly).
HTH
Peter
"Ben" <bn*@mail.dewro te in message
news:u7******* *******@TK2MSFT NGP03.phx.gbl.. .
>>Hi,
I defined roles in order to deny access for some pages to anonymous
users.
I tested it by typing the url of a denied page to test the system
(http://denypage.aspx).
It works (access denied), and i'm automatically redirected to the
login.aspx file that is defined in the root of the application.
Now i wonder how asp.net knows where the file containing the login
control is. I tried this:
- changing the location of file login.aspx (putting it into a
subdir)
- changing the name of login.aspx to login2.aspx
In both cases, when trying to access a denied file, i get the
error:"The resource cannot be found: /app_name/login.aspx .
May i conclude that file "login.aspx " always MUST be in the root of
the application and that its name MUST be 'login.aspx'?
Thanks
thanks
"Dominick Baier" <dbaier@pleasep leasenospam_lea stprivilege.com schreef in
bericht news:51******** *************** **@news.microso ft.com...
yep "~/login.aspx" is the default value...
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)
>Hi, thanks for replying.
All i have about authentificatio n in web.config is:
<authenticatio n mode="Forms"/>
Maybe are in that case (when nothing is specified) the default values
for
the location the root and for the name of the file 'login.aspx'?
"Peter Bradley" <pb******@uwic. ac.ukschreef in bericht
news:u0******* *******@TK2MSFT NGP03.phx.gbl.. .
>>I take you you're using Forms Authentication. In which case, you
will have something like this in your Web.config file:
<authenticati on mode="Forms">
<forms loginUrl="Login .aspx" name="adAuthCoo kie" timeout="10"
path="/">
</forms>
</authentication>
It is the name in the <formselement LoginUrl attribute that
determines where the user is redirected (if I understand correctly).
HTH
Peter
"Ben" <bn*@mail.dewro te in message
news:u7****** ********@TK2MSF TNGP03.phx.gbl. ..
Hi,
I defined roles in order to deny access for some pages to anonymous
users.
I tested it by typing the url of a denied page to test the system
(http://denypage.aspx).
It works (access denied), and i'm automatically redirected to the
login.aspx file that is defined in the root of the application.
Now i wonder how asp.net knows where the file containing the login
control is. I tried this:
- changing the location of file login.aspx (putting it into a
subdir)
- changing the name of login.aspx to login2.aspx
In both cases, when trying to access a denied file, i get the
error:"The resource cannot be found: /app_name/login.aspx .
May i conclude that file "login.aspx " always MUST be in the root of
the application and that its name MUST be 'login.aspx'?
Thanks
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: teddysnips |
last post by:
Currently studying for 70-229.
I'm trying to understand how security for users is managed in SQL
Server. I've been using SQL Server for a few years now, but without
investigating the bits that "just work".
So, here's the scenario. This is more or less how I create all my
applications (which these days are all ASP.NET).
I have a database called "TESTDB" (original, huh?)
|
by: Homa |
last post by:
Hi,
I am using a role-based Forms Authentication. I have several
directories that have different levels of authorization. When I try to
access another directory, the page bounce me back to the login page
everytime. After I re-login, I can access the page.
I can't figure out what happened. I saved the roles to the User so
when I access another page, they should able to see that before they
bounce me out.
|
by: nicholas |
last post by:
Hi,
Got an asp.net application and I use the "forms" authentication mode defined
in the web.config file.
Everything works fine.
But now I would like to add a second, different login page for the users
that go in a specific folder.
How can I do this?
|
by: V. Jenks |
last post by:
Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?
Thanks!
|
by: Frank Bishop |
last post by:
I'm using forms authentication with a database. I have an app that lets
users run online reports. Right now, depending on their login in the DB,
they get redirected to the pages that apply to them. I've noticed that
nothing stops them from browsing out to another users page once they log
in.
I'm thinking maybe I should just hide content instead. Is their any
simple examples of this or is my current way fixable?
Thanks,
| | |
by: Alex Nitulescu |
last post by:
Hi. I have two questions, please:
a) If I go DIRECTLY to Login, there's no Request.Params("ReturnURL"), and
therefore RedirectFromLogin won't work, because it will try to go to a page
named "Default", which in my case does not exist. Short of creating a
"mandatory" Default page, what can I do ? RedirectFromLogin not only
redirects me to whereever I came from, but it also creates a ticket - so how
can I still use it if the redirection...
|
by: et |
last post by:
I have an asp.net program that uses a connection string, using integrated
security to connect to a sql database. It runs fine on one server, but the
other server gives me the error that
"Login failed for user "NT AUTHORITY/ANONYMOUS LOGON". Why would this be?
There is no reason it should even be trying to login to using NT
Authority/Anonymous login. The IIS Server is set to turn off anonymous
logins, and use integrated security, and my...
|
by: Jakob Lithner |
last post by:
When I started a new ASP project I was eager to use the login facilities
offered in Framework 2.0/VS 2005.
I wanted:
- A custom principal that could hold my integer UserID from the database
- An easy way to classify different pages as either Admin, Member or Public,
where login is necessary for Admin and Member but not for Public. My idea was
to put the pages in different directories to easily keep my order.
- An easy menu system that...
|
by: sandari |
last post by:
The following code (web.config in Visual Studio 2005) is supposed to redirect a user to the appropriate Form depending on their role.
However, regardless of the user's role, the only page displayed is the login page with the URL of the page the user was supposed to go to being displayed in the address bar.
A valid user is:
name "sandy"
password = san_mcd
role = Administrator
...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
