Ask a Question related to ASP.NET Security, Design and Development.
-
Steve Jansen #1
Re: Forms Authentication - Does Not Redirect
Elmo,
Perhaps you are missing the "allow" child node in your web.config file?
<authorization>
<deny users="?" /> <!-- denies anonymous access -->
<allow users="*, YourRoleName, SomeUsername, Etc" /> <!--allows all
authenticated users -->
</authorization>
According to MSDN: "The default authorization rule in the Machine.config
file is <allow users="*"/> so, by default, access is allowed unless
configured otherwise." Looks like you forgot to include an allow tag.
-Steve
"ElmoWatson" <sputnik75043@yahoo.com> wrote in message
news:OQBUeEsVDHA.2544@tk2msftngp13.phx.gbl...server.> Here's my problem - - I'm trying to setup Forms Authentication on mydata),> I can get the login page to show up every time, but, when it authenticates
> (I have a database lookup setup, which apparently DOES give back good> it just refreshes the login page, deleting the username & password.
>
> I know the database routine works. It returns a user's account properties,
> if verified and nothing, if not - - then, if it returns data from the
> database, I set 'blnValidUer' to True - otherwise, I set it to false. This
> is working as expected.
> Then, I do this in my code:
> if blnValidUser="True" then
> FormsAuthentication.RedirectFromLoginPage(txtUID.t ext, True)
> (I've also tried -----'response.Write (request.QueryString
> ("ReturnURL") & "<br>")
> else
> lblError.text="We're sorry, but the information you provided does not
> match our database. Please try again."
> End If
>
> Here's my Web.config Code:
> <authentication mode="Forms">
> <forms name="MySite"
> loginUrl="login.aspx"
> protection="All"
> timeout="480"
> path="/"
> />
> </authentication>
> <authorization>
> <deny users="?" />
> </authorization>
> I checked an earlier post - - my webserver is named normally, with nothing
> but letters (no underscores, etc) - - so that's not the problem
>
> Is there something I'm missing here? Why doesn't it redirect correctly?
>
>
Steve Jansen Guest
-
Forms Authentication won't redirect to login page
I'm trying to set basic form authentication on a webapp. I allaccess restricted to authenticated users. After changing theWeb.config file in the... -
Redirect fails with Forms Authentication
Geezuz, I feel like a fool but I can't get this SIMPLE redirect out of IIS to hit my login page. Here's the Web.Config code: <authentication... -
ASP.Net Forms authentication with basic authentication popup
Relatively new to ASP.Net but have a strange problem. My site uses forms authentication for a large administration section however after the user... -
Forms authentication then redirection to a secure web with NT authentication?
Hi, I want to allow access to particular secured intranet web sites. These intranet are stored in sharepoint (2003 version) Actually I've... -
Authentication ticket, cookieless, forms authentication?
Hi. I want to use Forms Authentication, cookieless. The issue is setting the Authentication Ticket without using cookies (!) That is, the... -
ElmoWatson #2 Re: Forms Authentication - Does Not Redirect
Has anyone got any ideas on this? I still can't seem to get it to redirect
after authentication......(it still just refreshes the login page)
"ElmoWatson" <sputnik75043@yahoo.com> wrote in message
news:Of%236NGtVDHA.1680@tk2msftngp13.phx.gbl...through> OK - but I need to just allow users, once they've been authenticatedas> my database query...
> I tried adding:
> <allow users="*"/>
> But that doesn't work either. Or I should say, that it works the same wascorrectly?> before - it still just refreshes the Login page
>
> I'm not sure what to put in place of names, after the asterisk, in this
> case......
>
> How can I procede here?
>
> "Steve Jansen" <stj3@nospam.columbia.edu> wrote in message
> news:%23r4jkpsVDHA.2224@TK2MSFTNGP09.phx.gbl...> authenticates> > Elmo,
> >
> > Perhaps you are missing the "allow" child node in your web.config file?
> >
> > <authorization>
> > <deny users="?" /> <!-- denies anonymous access -->
> > <allow users="*, YourRoleName, SomeUsername, Etc" /> <!--allows all
> > authenticated users -->
> > </authorization>
> >
> > According to MSDN: "The default authorization rule in the Machine.config
> > file is <allow users="*"/> so, by default, access is allowed unless
> > configured otherwise." Looks like you forgot to include an allow tag.
> >
> > -Steve
> >
> > "ElmoWatson" <sputnik75043@yahoo.com> wrote in message
> > news:OQBUeEsVDHA.2544@tk2msftngp13.phx.gbl...> > server.> > > Here's my problem - - I'm trying to setup Forms Authentication on my> > > I can get the login page to show up every time, but, when it> properties,> > data),> > > (I have a database lookup setup, which apparently DOES give back good> > > it just refreshes the login page, deleting the username & password.
> > >
> > > I know the database routine works. It returns a user's account> This> > > if verified and nothing, if not - - then, if it returns data from the
> > > database, I set 'blnValidUer' to True - otherwise, I set it to false.> not> > > is working as expected.
> > > Then, I do this in my code:
> > > if blnValidUser="True" then
> > > FormsAuthentication.RedirectFromLoginPage(txtUID.t ext, True)
> > > (I've also tried -----'response.Write (request.QueryString
> > > ("ReturnURL") & "<br>")
> > > else
> > > lblError.text="We're sorry, but the information you provided does> nothing> > > match our database. Please try again."
> > > End If
> > >
> > > Here's my Web.config Code:
> > > <authentication mode="Forms">
> > > <forms name="MySite"
> > > loginUrl="login.aspx"
> > > protection="All"
> > > timeout="480"
> > > path="/"
> > > />
> > > </authentication>
> > > <authorization>
> > > <deny users="?" />
> > > </authorization>
> > > I checked an earlier post - - my webserver is named normally, with> > > but letters (no underscores, etc) - - so that's not the problem
> > >
> > > Is there something I'm missing here? Why doesn't it redirect>> >> > >
> > >
> >
>
ElmoWatson Guest
-
Stage #3 Re: Forms Authentication - Does Not Redirect
Can you post the URL that is showing in the browers address window when you
get the login screen.
"ElmoWatson" <sputnik75043@yahoo.com> wrote in message
news:eWsTJmGWDHA.1900@TK2MSFTNGP10.phx.gbl...was> Has anyone got any ideas on this? I still can't seem to get it to redirect
> after authentication......(it still just refreshes the login page)
>
> "ElmoWatson" <sputnik75043@yahoo.com> wrote in message
> news:Of%236NGtVDHA.1680@tk2msftngp13.phx.gbl...> through> > OK - but I need to just allow users, once they've been authenticated> > my database query...
> > I tried adding:
> > <allow users="*"/>
> > But that doesn't work either. Or I should say, that it works the samefile?> as> > before - it still just refreshes the Login page
> >
> > I'm not sure what to put in place of names, after the asterisk, in this
> > case......
> >
> > How can I procede here?
> >
> > "Steve Jansen" <stj3@nospam.columbia.edu> wrote in message
> > news:%23r4jkpsVDHA.2224@TK2MSFTNGP09.phx.gbl...> > > Elmo,
> > >
> > > Perhaps you are missing the "allow" child node in your web.configMachine.config> > >
> > > <authorization>
> > > <deny users="?" /> <!-- denies anonymous access -->
> > > <allow users="*, YourRoleName, SomeUsername, Etc" /> <!--allows all
> > > authenticated users -->
> > > </authorization>
> > >
> > > According to MSDN: "The default authorization rule in thegood> > authenticates> > > file is <allow users="*"/> so, by default, access is allowed unless
> > > configured otherwise." Looks like you forgot to include an allow tag.
> > >
> > > -Steve
> > >
> > > "ElmoWatson" <sputnik75043@yahoo.com> wrote in message
> > > news:OQBUeEsVDHA.2544@tk2msftngp13.phx.gbl...
> > > > Here's my problem - - I'm trying to setup Forms Authentication on my
> > > server.
> > > > I can get the login page to show up every time, but, when it> > > > (I have a database lookup setup, which apparently DOES give backthe> > properties,> > > data),
> > > > it just refreshes the login page, deleting the username & password.
> > > >
> > > > I know the database routine works. It returns a user's account> > > > if verified and nothing, if not - - then, if it returns data fromfalse.> > > > database, I set 'blnValidUer' to True - otherwise, I set it todoes> > This> > > > is working as expected.
> > > > Then, I do this in my code:
> > > > if blnValidUser="True" then
> > > > FormsAuthentication.RedirectFromLoginPage(txtUID.t ext, True)
> > > > (I've also tried -----'response.Write (request.QueryString
> > > > ("ReturnURL") & "<br>")
> > > > else
> > > > lblError.text="We're sorry, but the information you provided> correctly?> > not> > nothing> > > > match our database. Please try again."
> > > > End If
> > > >
> > > > Here's my Web.config Code:
> > > > <authentication mode="Forms">
> > > > <forms name="MySite"
> > > > loginUrl="login.aspx"
> > > > protection="All"
> > > > timeout="480"
> > > > path="/"
> > > > />
> > > > </authentication>
> > > > <authorization>
> > > > <deny users="?" />
> > > > </authorization>
> > > > I checked an earlier post - - my webserver is named normally, with> > > > but letters (no underscores, etc) - - so that's not the problem
> > > >
> > > > Is there something I'm missing here? Why doesn't it redirect>> >> > > >
> > > >
> > >
> > >
> >
>
Stage Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
