I have a main project that is protected in that the user is directed to a
login.aspx file.
The text in the web.config file is:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>
When the user enters email/password and is authenticated, control is
transferred back to the main page via the line in the Login.aspx file:
if(Authenticate(EMail.Text, Password.Text)) {
// return to the original page
FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);
}
else {
Output.Text = "Invalid Login";
}
Authenticate is my routine.
This all works as it should.
I also have a second project that is going to allow editing of the main page
info. This is contained in the solution but placed in a subdirectory to the
main project. In there I have a web.config file that just identifies the
login.aspx file in the parent directory so:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="../Login.aspx" />
</authentication>
</system.web>
</configuration>
Again when I start the second project I am transferred to the login.aspx
file in the parent folder. I enter the credentials and when I step through
the code, the FormsAuthentication.RedirectFromLoginPage(...) routine is
called.
My problem is that the Login.aspx page is recycled. Control doesn't return
to my secondary project in the child folder it just keeps on showing the
Login page.
If I look at the browsers address line for the login page:
http://localhost/OnLineReg/Login.asp...ayRegInfo.aspx
it has the correct return address of the page in the subfolder
"DisplayRegInfo" in the ReturnUrl= argument.
Can anyone suggest if I am doing anything obviously wrong?
Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908