The following code (web.config in Visual Studio 2005) is supposed to redirect a user to the appropriate Form depending on their role.
However, regardless of the user's role, the only page displayed is the login page with the URL of the page the user was supposed to go to being displayed in the address bar.
A valid user is:
name "sandy"
password = san_mcd
role = Administrator
This user should be redirected to frm_Management
************************************************** ***
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
Visual Basic options:
Set strict="true" to disallow all data type conversions
where data loss can occur.
Set explicit="true" to force declaration of all variables.
-->
<authorization>
<allow roles="Administration" />
<allow roles="Management" />
<allow roles="Sales" />
<allow roles="Technician" />
<allow roles="Workshop" />
<deny users="*" />
<deny users="?" />
</authorization>
<roleManager enabled="true" />
<compilation debug="true" strict="false" explicit="true"/>
<pages>
<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>
<add namespace="System.Web.UI.HtmlControls"/>
</namespaces>
</pages>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms" >
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<forms name="SandariCookie"
loginUrl="~/Default.aspx"
protection="All"
timeout="40" path="/" />
</authentication>
</system.web>
<location path="frm_Administration.aspx">
<system.web>
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Administration, Management, Workshop" />
</authorization>
</system.web>
</location>
<location path="frm_Management.aspx">
<system.web>
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Management" />
</authorization>
</system.web>
</location>
<location path="frm_Sales.aspx">
<system.web>
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Sales, Management" />
</authorization>
</system.web>
</location>
<location path="frm_Technician.aspx">
<system.web>
<authorization>
<deny users="?" />
<deny users="*" />
<allow roles="Technician, Management" />
</authorization>
</system.web>
</location>
</configuration>
**********************************************
This is the code behind the login form:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Login.aspx.vb" Inherits="Default4" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div id="log_Login" title="Login">
<div>
<asp:Label ID="Label1" runat="server" Font-Bold="True" Font-Italic="True" Font-Size="X-Large"
Style="z-index: 100; left: 280px; position: absolute; top: 13px" Text="Home Visits for Sick Computers"
Width="410px"></asp:Label>
<br />
<asp:Label ID="Label2" runat="server" Font-Bold="True" Font-Size="XX-Large" Style="z-index: 101;
left: 288px; position: absolute; top: 53px" Text="Stock and Job Manager" Width="400px"></asp:Label>
</div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<asp:LoginView ID="LoginView1" runat="server">
</asp:LoginView>
<br />
<br />
<br />
<asp:Login ID="cmdLogin" runat="server" BackColor="#F7F7DE" BorderColor="#CCCC99" BorderStyle="Solid"
BorderWidth="1px" Font-Names="Verdana" Font-Size="10pt" Style="z-index: 104;
left: 360px; position: absolute; top: 312px"
CreateUserText="Register for the first time."
CreateUserURL="frm_AddNewUser.aspx"
PasswordRecoveryText="Forgot your password?"
PasswordRecoveryURL="frm_PasswordRecovery.aspx">
<TitleTextStyle BackColor="#6B696B" Font-Bold="True" ForeColor="White" />
</asp:Login>
</div>
</form>
</body>
</html>
******************************************
Can anyone help, please?