Hi All,
I have an ASP.NET application to which I have implemented forms
authentication to handle security. It is a relatively straight forward
solution with all aspx pages residing in the root folder.
The issue I am experiencing is that when the authentication time out is
activated and the user is hence unauthenticated, the browser window is on
sometimes redirecting back to the login page. When the browser does or
doesn't redirect to the login page seems to be defined by the page the user
is trying to access as a very few aspx pages when requested will redirect to
the login page correctly.
This seems to be platform independed as the exact same behaviour is
experienced on my local development machine running WinXPSP2 and a Win2K3
Server.
Has anyone any ideas as to why this may be happening and/or have any
suggestions to aid in the investagation?
The web.config contents:
<configuration>
<system.web>
<compilation defaultLanguage="c#" debug="true" />
<authentication mode="Forms">
<forms name=".RENOWNSUPPORTAUTH" loginUrl="login.aspx" protection="All"
timeout="1" path="/" slidingExpiration="true" />
</authentication>
<authorization>
<deny users="?" /> <!-- Deny access to all unauthenticated users -->
</authorization>
</system.web>
<location path="login.aspx">
<system.web>
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>
</system.web>
</location>
<location path="error.aspx">
<system.web>
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>
</system.web>
</location>
</configuration>