473,327 Members | 1,997 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Trouble with forms authentication

I am trying to password protect a subdirectory using forms authentication. I
am using the "Location" tag to specify the directory to be protected. The
login.aspx page is in the root directory of the app. Here is the web.config:

<location path="Admin">
<system.web>
<authentication mode="Forms">
<forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="Admin" password="pass"/>
<user name="Ashlyinn" password="pass"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

The problem is event if I put in the proper valid credentials authorization
fails.

Any suggestions?

Thanks, Justin.
Nov 18 '05 #1
7 2012
Hey Justin,
When u mean authorization do u mean th user can login but he is not
getting the appropriate resources?
That means is he authenticated?

"Justin" wrote:
I am trying to password protect a subdirectory using forms authentication. I
am using the "Location" tag to specify the directory to be protected. The
login.aspx page is in the root directory of the app. Here is the web.config:

<location path="Admin">
<system.web>
<authentication mode="Forms">
<forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="Admin" password="pass"/>
<user name="Ashlyinn" password="pass"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

The problem is event if I put in the proper valid credentials authorization
fails.

Any suggestions?

Thanks, Justin.

Nov 18 '05 #2
No, the user is not authenticated at all, meaning it goes to the else
statement in the code below no matter what:

private void Login_Click(object sender, System.EventArgs e)
{
if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
{
FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
}
else
{
lblStatus.Text = "Authentication Failed.";
}
}

"Patrick.O.Ige" wrote:
Hey Justin,
When u mean authorization do u mean th user can login but he is not
getting the appropriate resources?
That means is he authenticated?

"Justin" wrote:
I am trying to password protect a subdirectory using forms authentication. I
am using the "Location" tag to specify the directory to be protected. The
login.aspx page is in the root directory of the app. Here is the web.config:

<location path="Admin">
<system.web>
<authentication mode="Forms">
<forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="Admin" password="pass"/>
<user name="Ashlyinn" password="pass"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

The problem is event if I put in the proper valid credentials authorization
fails.

Any suggestions?

Thanks, Justin.

Nov 18 '05 #3
Ok Justin so No authentication at al!!
Are u sure u have all the right settings?
First check to see whether u have Anonymous Auth checked in IIS.
Got to ur WebServer and right click on ur Virtual Directory of ur
Application >Go to Properties >Directory security TAB> On the Anonymouse
Access and Auth control
click EDIT and make sure u check Anonymous access!
Also make sure u have :- <identity impersonate="true" /> placed in ur
web.config
Try all that!
Let me know if it works for u..if not post ur Question.

"Justin" wrote:
No, the user is not authenticated at all, meaning it goes to the else
statement in the code below no matter what:

private void Login_Click(object sender, System.EventArgs e)
{
if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
{
FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
}
else
{
lblStatus.Text = "Authentication Failed.";
}
}

"Patrick.O.Ige" wrote:
Hey Justin,
When u mean authorization do u mean th user can login but he is not
getting the appropriate resources?
That means is he authenticated?

"Justin" wrote:
I am trying to password protect a subdirectory using forms authentication. I
am using the "Location" tag to specify the directory to be protected. The
login.aspx page is in the root directory of the app. Here is the web.config:

<location path="Admin">
<system.web>
<authentication mode="Forms">
<forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="Admin" password="pass"/>
<user name="Ashlyinn" password="pass"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

The problem is event if I put in the proper valid credentials authorization
fails.

Any suggestions?

Thanks, Justin.

Nov 18 '05 #4
Well, unfortunetly it still does not work. I am sure its something simle but
sometimes simple problems are hard to fix.

Thanks for the help.

Justin.

"Patrick.O.Ige" wrote:
Ok Justin so No authentication at al!!
Are u sure u have all the right settings?
First check to see whether u have Anonymous Auth checked in IIS.
Got to ur WebServer and right click on ur Virtual Directory of ur
Application >Go to Properties >Directory security TAB> On the Anonymouse
Access and Auth control
click EDIT and make sure u check Anonymous access!
Also make sure u have :- <identity impersonate="true" /> placed in ur
web.config
Try all that!
Let me know if it works for u..if not post ur Question.

"Justin" wrote:
No, the user is not authenticated at all, meaning it goes to the else
statement in the code below no matter what:

private void Login_Click(object sender, System.EventArgs e)
{
if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
{
FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
}
else
{
lblStatus.Text = "Authentication Failed.";
}
}

"Patrick.O.Ige" wrote:
Hey Justin,
When u mean authorization do u mean th user can login but he is not
getting the appropriate resources?
That means is he authenticated?

"Justin" wrote:

> I am trying to password protect a subdirectory using forms authentication. I
> am using the "Location" tag to specify the directory to be protected. The
> login.aspx page is in the root directory of the app. Here is the web.config:
>
> <location path="Admin">
> <system.web>
> <authentication mode="Forms">
> <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
> <credentials passwordFormat="Clear">
> <user name="Admin" password="pass"/>
> <user name="Ashlyinn" password="pass"/>
> </credentials>
> </forms>
> </authentication>
> <authorization>
> <deny users="?"/>
> </authorization>
> </system.web>
> </location>
>
> The problem is event if I put in the proper valid credentials authorization
> fails.
>
> Any suggestions?
>
> Thanks, Justin.

Nov 18 '05 #5
Just try looking through ur code carefully ok!

Justin try looking through:-Forms Authentication here:-
http://samples.gotdotnet.com/quickstart/aspplus/
o
http://support.microsoft.com/default...301240&SD=MSDN
or
http://www.costudio.com/form_auth.asp


"Justin" wrote:
Well, unfortunetly it still does not work. I am sure its something simle but
sometimes simple problems are hard to fix.

Thanks for the help.

Justin.

"Patrick.O.Ige" wrote:
Ok Justin so No authentication at al!!
Are u sure u have all the right settings?
First check to see whether u have Anonymous Auth checked in IIS.
Got to ur WebServer and right click on ur Virtual Directory of ur
Application >Go to Properties >Directory security TAB> On the Anonymouse
Access and Auth control
click EDIT and make sure u check Anonymous access!
Also make sure u have :- <identity impersonate="true" /> placed in ur
web.config
Try all that!
Let me know if it works for u..if not post ur Question.

"Justin" wrote:
No, the user is not authenticated at all, meaning it goes to the else
statement in the code below no matter what:

private void Login_Click(object sender, System.EventArgs e)
{
if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
{
FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
}
else
{
lblStatus.Text = "Authentication Failed.";
}
}

"Patrick.O.Ige" wrote:

> Hey Justin,
> When u mean authorization do u mean th user can login but he is not
> getting the appropriate resources?
> That means is he authenticated?
>
>
>
> "Justin" wrote:
>
> > I am trying to password protect a subdirectory using forms authentication. I
> > am using the "Location" tag to specify the directory to be protected. The
> > login.aspx page is in the root directory of the app. Here is the web.config:
> >
> > <location path="Admin">
> > <system.web>
> > <authentication mode="Forms">
> > <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
> > <credentials passwordFormat="Clear">
> > <user name="Admin" password="pass"/>
> > <user name="Ashlyinn" password="pass"/>
> > </credentials>
> > </forms>
> > </authentication>
> > <authorization>
> > <deny users="?"/>
> > </authorization>
> > </system.web>
> > </location>
> >
> > The problem is event if I put in the proper valid credentials authorization
> > fails.
> >
> > Any suggestions?
> >
> > Thanks, Justin.

Nov 18 '05 #6
This link shoud help for sure:-
http://www.15seconds.com/issue/020220.htm
And by the way in ur Web.Config why don't u do:-
<configuration>
<system.web>
<customErrors mode="Off"/>
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="login.aspx"
protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="jeff" password="test" />
<user name="mike" password="test" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>

And then if u want to perform Auhtorization use the location PATH and specify
whch users can see access contents of a particular FOLDER!
GDLUCK


"Patrick.O.Ige" wrote:
Just try looking through ur code carefully ok!

Justin try looking through:-Forms Authentication here:-
http://samples.gotdotnet.com/quickstart/aspplus/
or
http://support.microsoft.com/default...301240&SD=MSDN
or
http://www.costudio.com/form_auth.asp


"Justin" wrote:
Well, unfortunetly it still does not work. I am sure its something simle but
sometimes simple problems are hard to fix.

Thanks for the help.

Justin.

"Patrick.O.Ige" wrote:
Ok Justin so No authentication at al!!
Are u sure u have all the right settings?
First check to see whether u have Anonymous Auth checked in IIS.
Got to ur WebServer and right click on ur Virtual Directory of ur
Application >Go to Properties >Directory security TAB> On the Anonymouse
Access and Auth control
click EDIT and make sure u check Anonymous access!
Also make sure u have :- <identity impersonate="true" /> placed in ur
web.config
Try all that!
Let me know if it works for u..if not post ur Question.

"Justin" wrote:

> No, the user is not authenticated at all, meaning it goes to the else
> statement in the code below no matter what:
>
> private void Login_Click(object sender, System.EventArgs e)
> {
> if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
> {
> FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
> }
> else
> {
> lblStatus.Text = "Authentication Failed.";
> }
> }
>
>
>
> "Patrick.O.Ige" wrote:
>
> > Hey Justin,
> > When u mean authorization do u mean th user can login but he is not
> > getting the appropriate resources?
> > That means is he authenticated?
> >
> >
> >
> > "Justin" wrote:
> >
> > > I am trying to password protect a subdirectory using forms authentication. I
> > > am using the "Location" tag to specify the directory to be protected. The
> > > login.aspx page is in the root directory of the app. Here is the web.config:
> > >
> > > <location path="Admin">
> > > <system.web>
> > > <authentication mode="Forms">
> > > <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
> > > <credentials passwordFormat="Clear">
> > > <user name="Admin" password="pass"/>
> > > <user name="Ashlyinn" password="pass"/>
> > > </credentials>
> > > </forms>
> > > </authentication>
> > > <authorization>
> > > <deny users="?"/>
> > > </authorization>
> > > </system.web>
> > > </location>
> > >
> > > The problem is event if I put in the proper valid credentials authorization
> > > fails.
> > >
> > > Any suggestions?
> > >
> > > Thanks, Justin.

Nov 18 '05 #7
Ok, I am getting closer to getting this to work the only problem is that
after loging in it redirects to default.aspx in the root directory instead of
admin/default.aspx.

How do I manualy set redirect url?

"Patrick.O.Ige" wrote:
This link shoud help for sure:-
http://www.15seconds.com/issue/020220.htm
And by the way in ur Web.Config why don't u do:-
<configuration>
<system.web>
<customErrors mode="Off"/>
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="login.aspx"
protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="jeff" password="test" />
<user name="mike" password="test" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>

And then if u want to perform Auhtorization use the location PATH and specify
whch users can see access contents of a particular FOLDER!
GDLUCK


"Patrick.O.Ige" wrote:
Just try looking through ur code carefully ok!

Justin try looking through:-Forms Authentication here:-
http://samples.gotdotnet.com/quickstart/aspplus/
or
http://support.microsoft.com/default...301240&SD=MSDN
or
http://www.costudio.com/form_auth.asp


"Justin" wrote:
Well, unfortunetly it still does not work. I am sure its something simle but
sometimes simple problems are hard to fix.

Thanks for the help.

Justin.

"Patrick.O.Ige" wrote:

> Ok Justin so No authentication at al!!
> Are u sure u have all the right settings?
> First check to see whether u have Anonymous Auth checked in IIS.
> Got to ur WebServer and right click on ur Virtual Directory of ur
> Application >Go to Properties >Directory security TAB> On the Anonymouse
> Access and Auth control
> click EDIT and make sure u check Anonymous access!
> Also make sure u have :- <identity impersonate="true" /> placed in ur
> web.config
> Try all that!
> Let me know if it works for u..if not post ur Question.
>
>
>
> "Justin" wrote:
>
> > No, the user is not authenticated at all, meaning it goes to the else
> > statement in the code below no matter what:
> >
> > private void Login_Click(object sender, System.EventArgs e)
> > {
> > if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
> > {
> > FormsAuthentication.RedirectFromLoginPage(Email.Te xt, false);
> > }
> > else
> > {
> > lblStatus.Text = "Authentication Failed.";
> > }
> > }
> >
> >
> >
> > "Patrick.O.Ige" wrote:
> >
> > > Hey Justin,
> > > When u mean authorization do u mean th user can login but he is not
> > > getting the appropriate resources?
> > > That means is he authenticated?
> > >
> > >
> > >
> > > "Justin" wrote:
> > >
> > > > I am trying to password protect a subdirectory using forms authentication. I
> > > > am using the "Location" tag to specify the directory to be protected. The
> > > > login.aspx page is in the root directory of the app. Here is the web.config:
> > > >
> > > > <location path="Admin">
> > > > <system.web>
> > > > <authentication mode="Forms">
> > > > <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
> > > > <credentials passwordFormat="Clear">
> > > > <user name="Admin" password="pass"/>
> > > > <user name="Ashlyinn" password="pass"/>
> > > > </credentials>
> > > > </forms>
> > > > </authentication>
> > > > <authorization>
> > > > <deny users="?"/>
> > > > </authorization>
> > > > </system.web>
> > > > </location>
> > > >
> > > > The problem is event if I put in the proper valid credentials authorization
> > > > fails.
> > > >
> > > > Any suggestions?
> > > >
> > > > Thanks, Justin.

Nov 18 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
3
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be...
6
by: Daniel Walzenbach | last post by:
Hi, I have an application using "Forms authentication". Everything works perfectly well except when I try to open a new page with java script like the following: <script...
0
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
5
by: V. Jenks | last post by:
Using forms authentication, can I control which pages and/or directories a user would have access to or is that only available with Windows authentication? Thanks!
1
by: chris.rust | last post by:
Has anyone else had any trouble setting up a sitemap view to be filtered by roles? We've put a cust role provider in place, and we can verify that it's only being called once for each...
4
by: =?Utf-8?B?R3V1czEyMw==?= | last post by:
Hi, I created a web site on a remote server. To logon the user must enter a user id and password. The site is uses Forms Authentication. The web config file looks as follows: ...
4
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...
5
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.