Ask a Question related to ASP.NET Security, Design and Development.
-
Henry #1
Form authentication, what about normal login?
Hello,
Let's assume we have setup from-based authentication in a website.
And the front page of this website is a login page with some welcome
message.
A user types in URL and request this front page.
But the IIS cannot find AUTH cookie for this user, so it redirect the
user to the login page, which we setup as the same login page as we
mentioned earlier.
Then after user login, and then he will be redirect back to the
original page he requested, which is the same login page again.
Isn't that funny?
OK, you might say we can somehow (how?) config the IIS so that this
front page doesn't require authentication.
But the problem remains.
If a user types in URL and succefully get this front page, he typed in
his user name and password and click on submit button.
Then the login page will check the credential and then redirect user
to other pages, e.g. his inbox.
But during this process, no AUTH coockie is created.
The login page doesn't create AUTH cookie.
So the user will be redirect to login page later when he visit other
page.
Please tell me what's wrong with my logic.
Thank you very much.
Henry Guest
-
Strange problem with Forms authentication: After successfull login, login page is still displayed
Hi there I have a quite strange problem with my ASP.NET-Application. The application has being deployed one year ago and worked fine till last... -
Form Authentication - Roles - Always returns to login screen
I'm using forms authentication and I want to limit access to certain directories only to users with certain roles. I have the following code... -
Custom Login Form for Windows Authentication?
Hello: I need to have a custom login form page for a site with Windows Authentication and internally i make the 'authentication windows process'.... -
Is there a way to determe reason for authentication in login form?
I can't find a way to tell if the login form has been run as a result of accessing a directory the user is not authorized for. I am using forms... -
Form Authentication with Remote Login.aspx
I know this is an old question, but searching all over the internet plus several MS security conferences, still haven't got a straight anwser. ... -
Keith #2 Form authentication, what about normal login?
Good question, in fact one I had to deal with a while
back.
[url]http://www.devx.com/vb2themax/Tip/18800[/url]
Basically, you can setup different settings for different
files/folders of your apps. Focus on the location
section of the web.config for your answer.
a website.>-----Original Message-----
>Hello,
>Let's assume we have setup from-based authentication insome welcome>And the front page of this website is a login page withredirect the>message.
>A user types in URL and request this front page.
>But the IIS cannot find AUTH cookie for this user, so itpage as we>user to the login page, which we setup as the same loginto the>mentioned earlier.
>Then after user login, and then he will be redirect backpage again.>original page he requested, which is the same loginso that this>Isn't that funny?
>
>OK, you might say we can somehow (how?) config the IISpage, he typed in>front page doesn't require authentication.
>But the problem remains.
>If a user types in URL and succefully get this frontredirect user>his user name and password and click on submit button.
>Then the login page will check the credential and thenvisit other>to other pages, e.g. his inbox.
>But during this process, no AUTH coockie is created.
>The login page doesn't create AUTH cookie.
>So the user will be redirect to login page later when he>page.
>Please tell me what's wrong with my logic.
>
>Thank you very much.
>.
>Keith Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
