467,864 Members | 1,799 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,864 developers. It's quick & easy.

Problem with ASP.NET 2.0 Location override of Forms Authentication settings

Hi all,

We have an asp.net 1.1 app that we're in the process of converting to
2.0. What I'm about to describe runs just great in the 1.1
framework, but does not work in the 2.0 framework.

This app uses forms authentication and denies all unauthenticated
users. There is a location override in the web.config so that we can
open up a directory for unauthenticated users to create a login
account. There is only 1 web.config in the app, and it's located in
the root directory. Here are the relevant parts of the web.config:

<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="login/login.aspx" name="dmdotcomauth"
protection="All" timeout="20" path="/"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>

<location path="signup">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

</configuration>
In the signup folder are a couple of aspx files used to create the
login account. In ASP.NET 1.1, when the user browses to the aspx
files in the signup folder, such as http://localhost/webapp/signup/CreateAccount.aspx,
that aspx file display correctly, no problem. However in ASP.NET
2.0, when the user browses to that same file, the user is redirected
to the login page. In ASP.NET 2.0, if I login to the app, and then
browse to the CreateAccount.aspx, then it works OK....however this is
obviously not what I'm looking for, but it proves that the
CreateAccount.aspx page functions properly in the 2.0 environment.
It it matters any, from an IIS standpoint, the virtual directory
"webapp" is set to allow anonymous access and windows integrated
authentication.

Has anyone run into problems dealing with forms authentication
overrides for subfolders in ASP.NET 2.0 using the <locationelement
of the web.config? This used to work fine in 1.1, I'm not sure what's
different now.

--steve

Mar 13 '07 #1
  • viewed: 6205
Share:
1 Reply
On Mar 13, 10:03 am, "n33470" <n33...@gmail.comwrote:
Hi all,

We have an asp.net 1.1 app that we're in the process of converting to
2.0. What I'm about to describe runs just great in the 1.1
framework, but does not work in the 2.0 framework.

This app uses forms authentication and denies all unauthenticated
users. There is a location override in the web.config so that we can
open up a directory for unauthenticated users to create a login
account. There is only 1 web.config in the app, and it's located in
the root directory. Here are the relevant parts of the web.config:

<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="login/login.aspx" name="dmdotcomauth"
protection="All" timeout="20" path="/"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>

<location path="signup">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

</configuration>

In the signup folder are a couple of aspx files used to create the
login account. In ASP.NET 1.1, when the user browses to the aspx
files in the signup folder, such ashttp://localhost/webapp/signup/CreateAccount.aspx,
that aspx file display correctly, no problem. However in ASP.NET
2.0, when the user browses to that same file, the user is redirected
to the login page. In ASP.NET 2.0, if I login to the app, and then
browse to the CreateAccount.aspx, then it works OK....however this is
obviously not what I'm looking for, but it proves that the
CreateAccount.aspx page functions properly in the 2.0 environment.
It it matters any, from an IIS standpoint, the virtual directory
"webapp" is set to allow anonymous access and windows integrated
authentication.

Has anyone run into problems dealing with forms authentication
overrides for subfolders in ASP.NET 2.0 using the <locationelement
of the web.config? This used to work fine in 1.1, I'm not sure what's
different now.

--steve
I figured it out. It was a coding problem on our side within the
CreateAccount page that caused the redirect to the login page. It was
not the forms authentication that caused the redirect.

The forms authentication design using the location override for
authorization values in different sub folders works just fine in
ASP.NET 2.0.

--steve

Mar 13 '07 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Hugh McLaughlin | last post: by
reply views Thread by Tony | last post: by
3 posts views Thread by Kris van der Mast | last post: by
reply views Thread by Rob Locher | last post: by
3 posts views Thread by angus | last post: by
2 posts views Thread by John | last post: by
reply views Thread by jack112 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.