I have a VS2005 project on a winxp pro with IIS installed on it. I am using a
SQL Server source for my membership and roles information.
I created a Login.aspx page, a Default.aspx, a Thankyou.aspx page and a
AddUser.aspx page.
The Login.aspx page has a login control. No changes other than saying the
destinationURL is ~/Default.aspx.
THe ThankYou.aspx page just has text saying thank you.
The Default.aspx just has a link to Adduser.aspx.
The AddUser.aspx page just has the CreateUserWizard control on it. Turned
off the requireemail option and set the ContinueDestinationURL to
~/ThankYou.aspx.
Forms Authentication for the site has been turned on. I have denied
anonymous users. Everything works fine at this point, the progession works as
expected:
Login.aspx->Default.aspx->AddUser.aspx->ThankYou.aspx.
Now I upgrade the site to require that only users of a certain role can
access the site and pages within. I add access rules to the root directory of
the site to (in order)
Allow users of role X
Deny All Users
Deny Anonymous Users
This is where the AddUser page starts messing up.
Login.aspx->Default.aspx->AddUser.aspx->Login.aspx?ReturnUrl=%2fTest%2fAddUser.aspx
After the user is created and you press the continue button, it goes to the
login screen. Why is this? Is it a bug with CreateUserWizard?
4  1956 
Guy,
Not really, I think what's happening is you are getting a new user but the
CreateUser wizard isn't actually authenticating the new user. So you would
either need to do that programmatically, or leave it the way it is, possibly
with an explanatory message to the new user.
Peter
--
Co-founder, Eggheadcafe.com developer portal: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
"Guy Swartwood" wrote:
I have a VS2005 project on a winxp pro with IIS installed on it. I am using a
SQL Server source for my membership and roles information.
I created a Login.aspx page, a Default.aspx, a Thankyou.aspx page and a
AddUser.aspx page.
The Login.aspx page has a login control. No changes other than saying the
destinationURL is ~/Default.aspx.
THe ThankYou.aspx page just has text saying thank you.
The Default.aspx just has a link to Adduser.aspx.
The AddUser.aspx page just has the CreateUserWizard control on it. Turned
off the requireemail option and set the ContinueDestinationURL to
~/ThankYou.aspx.
Forms Authentication for the site has been turned on. I have denied
anonymous users. Everything works fine at this point, the progession works as
expected:
Login.aspx->Default.aspx->AddUser.aspx->ThankYou.aspx.
Now I upgrade the site to require that only users of a certain role can
access the site and pages within. I add access rules to the root directory of
the site to (in order)
Allow users of role X
Deny All Users
Deny Anonymous Users
This is where the AddUser page starts messing up.
Login.aspx->Default.aspx->AddUser.aspx->Login.aspx?ReturnUrl=%2fTest%2fAddUser.aspx
After the user is created and you press the continue button, it goes to the
login screen. Why is this? Is it a bug with CreateUserWizard?
Oh, I see.
The real purpose is for an admin of a site to create other users for the
site. To summerize what you are saying: THe authenticated user who used the
CreateUserWizard page is being replaced with the user created by the
CreateUserWizard but the new user isn't really authenticated.
"Peter Bromberg [C# MVP]" wrote:
Guy,
Not really, I think what's happening is you are getting a new user but the
CreateUser wizard isn't actually authenticating the new user. So you would
either need to do that programmatically, or leave it the way it is, possibly
with an explanatory message to the new user.
Peter
--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com
After reading your message and realizing that the CreateUserWIzard was trying
to login the new user, I found the LoginCreatedUser property of the control
(which I didn't see before) and turned it off. The form works perfectly.
Thank you.
"Peter Bromberg [C# MVP]" wrote:
Guy,
Not really, I think what's happening is you are getting a new user but the
CreateUser wizard isn't actually authenticating the new user. So you would
either need to do that programmatically, or leave it the way it is, possibly
with an explanatory message to the new user.
Peter
--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com
Yes, and thank you for reminding me! Also, let us not forget that often
developers use the create user wizard so that if I visit your site and I
decide I want to "become a member" it would work in that modality as well.
Peter
--
Co-founder, Eggheadcafe.com developer portal: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
"Guy Swartwood" wrote:
I have a VS2005 project on a winxp pro with IIS installed on it. I am using a
SQL Server source for my membership and roles information.
I created a Login.aspx page, a Default.aspx, a Thankyou.aspx page and a
AddUser.aspx page.
The Login.aspx page has a login control. No changes other than saying the
destinationURL is ~/Default.aspx.
THe ThankYou.aspx page just has text saying thank you.
The Default.aspx just has a link to Adduser.aspx.
The AddUser.aspx page just has the CreateUserWizard control on it. Turned
off the requireemail option and set the ContinueDestinationURL to
~/ThankYou.aspx.
Forms Authentication for the site has been turned on. I have denied
anonymous users. Everything works fine at this point, the progession works as
expected:
Login.aspx->Default.aspx->AddUser.aspx->ThankYou.aspx.
Now I upgrade the site to require that only users of a certain role can
access the site and pages within. I add access rules to the root directory of
the site to (in order)
Allow users of role X
Deny All Users
Deny Anonymous Users
This is where the AddUser page starts messing up.
Login.aspx->Default.aspx->AddUser.aspx->Login.aspx?ReturnUrl=%2fTest%2fAddUser.aspx
After the user is created and you press the continue button, it goes to the
login screen. Why is this? Is it a bug with CreateUserWizard?
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: ElmoWatson |
last post by:
I tried on the Security newgroup, as well as other places, and haven't
gotten an answer yet - - I'm pulling my hair out over this one.
I'm trying to get Forms Authentication working.....I can get...
|
by: Kris van der Mast |
last post by:
Hi,
I've created a little site for my sports club. In the root folder there are
pages that are viewable by every anonymous user but at a certain subfolder
my administration pages should be...
|
by: Travis Parrent |
last post by:
I'm having a problem where my application forces the user to log on
intially, but then never forces them to reauthenticate. Following is the
login code currently but I've tried several different...
|
by: Brian Shannon |
last post by:
I have an intranet site I created when I first began .NET and it is very
basic. Now that I have developed my skills I am looking to revamp the old
with something new. I really like the idea of...
|
by: V. Jenks |
last post by:
Using forms authentication, can I control which pages
and/or directories a user would have access to or is that
only available with Windows authentication?
Thanks!
|
by: Nehpets |
last post by:
I'm trying to setup a web site that uses active directory for user
authentication under asp.net 2.0.
For testing, I have separately installed two virtual servers. The first is
a domain...
|
by: alexandis |
last post by:
There are tons of articles about custom role and provider membership,
but they just tear me apart and confuse :(
The situation is following: I use DB2, so I wrote custom role +
membership...
|
by: Bjorn Sagbakken |
last post by:
In a web-application with login creds (user, pwd), these are checked against
a user table on a SQL server. On a positive validation I have saved the
userID, name, custno and role-settings in a...
|
by: Rory Becker |
last post by:
Having now created a Custom MembershipProvider that seems to work correctly
with my Logon and ChangePassword controls, I am, as they say, a happy bunny.
The next stange is to move on to the...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
| |
