Ask a Question related to ASP.NET Security, Design and Development.
-
Attila #1
Unable to get Forms-based Authentication to work
Hello,
I'm new to ASP.NET, and I'm trying to learn how to implement forms
based authentication. However, I don't know what I'm doing wrong.
While the FormsAuthentication.Authenticate method returns true, after
I call FormsAuthentication.RedirectFromLoginPage I am redirected back
to the login page. I would expect that once the Authenticate method is
run, the user should be authenticated, and the user should be able to
view any page on the site.
Any ideas of what I'm doing wrong? Do I need to set a session
variable? Is there something wrong/missing from my web.config file?
Thanks,
Attila
web.config:
<configuration>
<system.web>
<authentication mode="Forms">
<forms name=".helpdesk_admin_dev"
path="/"
loginUrl="LogIn.aspx"
protection="Encryption"
timeout="300">
<credentials passwordFormat="Clear">
<user name="test" password="1234" />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="test" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
LogIn.aspx code:
protected void Login_Click(Object sender, EventArgs E)
{
string strUsername = Username.Value;
string strPassword = Password.Value;
//Validate the username against the web.config file
if(FormsAuthentication.Authenticate(strUsername, strPassword))
{
FormsAuthentication.RedirectFromLoginPage(strUsern ame, false);
}
else
{
Message.Text = "You did not enter a valid username and password.";
}
}
Attila Guest
-
Role based Forms Authentication
Before I start I must point out that this does work on my local Windows XP machine but does not work on a Windows 2003 Server. I have created a... -
Forms Authentication based on roles.
HI, I have the following problem. I am making a portal of DJs. The djs must have a Menu, the administrator another menu. I created 2 directories... -
Forms Based Authentication - Groups
What example are you talking about? It doesn't appear in the newsgroup where you posted. Joe K. "cathie corcoran via .NET 247"... -
Forms-based Authentication
HI I'm using Forms-based Authentication and trying out the example from the book: "ASP.NET Professional Secrets" after downloading the c# code... -
Forms based authentication pointing at a different URL
Everyone, I have a question about forms based authentication. Can the loginURL point at a different server than the current one? Example: A... -
Tian Min Huang #2 RE: Unable to get Forms-based Authentication to work
Hi Attila,
Please refer to the following MSDN articles for how to implement form based
authentication in asp.net:
HOW TO: Implement Forms-Based Authentication in Your ASP.NET Application by
Using C# .NET
[url]http://support.microsoft.com/?id=301240[/url]
HOW TO: Implement Role-Based Security with Forms-Based Authentication in
Your ASP.NET Application by Using Visual C# .NET
[url]http://support.microsoft.com/?id=311495[/url]
Hope this helps.
Regards,
HuangTM
This posting is provided "AS IS" with no warranties, and confers no rights.
Tian Min Huang Guest
-
Attila #3 Re: Unable to get Forms-based Authentication to work
Thank you, but I have already seen those links. From what I can tell
my settings are setup correctly, yet it still doesn't appear to be
working. I had thought that my problem was related to my browser,
although it's currently set to accept all cookies.
Attila
[email]timhuang@online.microsoft.com[/email] (Tian Min Huang) wrote in message news:<mk$ydg7RDHA.2284@cpmsftngxa06.phx.gbl>...> Hi Attila,
>
> Please refer to the following MSDN articles for how to implement form based
> authentication in asp.net:
>
> HOW TO: Implement Forms-Based Authentication in Your ASP.NET Application by
> Using C# .NET
> [url]http://support.microsoft.com/?id=301240[/url]
>
> HOW TO: Implement Role-Based Security with Forms-Based Authentication in
> Your ASP.NET Application by Using Visual C# .NET
> [url]http://support.microsoft.com/?id=311495[/url]
>
> Hope this helps.
>
> Regards,
> HuangTM
> This posting is provided "AS IS" with no warranties, and confers no rights.Attila Guest
-
JD Bee #4 Re: Unable to get Forms-based Authentication to work
Hi Buddy!
I had the exact same problem as you did. here is how i solved it:
First, i want you to know i dont fully understand why it works, but it
does. :)
to redirect after login i was using:
Response.Redirect(
FormsAuthentication.GetRedirectUrl(this.Username.T ext,false));
i replaced it with:
FormsAuthentication.RedirectFromLoginPage(this.Use rname.Text,true);
and it now works fine. is it the state cookie param from false to true
or the change of the method, im not sure.
*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!
JD Bee Guest
-
JD Bee #5 Re: Unable to get Forms-based Authentication to work
Hi Buddy!
I had the exact same problem as you did. here is how i solved it:
First, i want you to know i dont fully understand why it works, but it
does. :)
to redirect after login i was using:
Response.Redirect(
FormsAuthentication.GetRedirectUrl(this.Username.T ext,false));
i replaced it with:
FormsAuthentication.RedirectFromLoginPage(this.Use rname.Text,true);
and it now works fine. is it the state cookie param from false to true
or the change of the method, im not sure.
*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!
JD Bee Guest
-
Tian Min Huang #6 Re: Unable to get Forms-based Authentication to work
Hi Attila,
Thanks for your update.
Please check whether your server name contains other characters, say,
underscore character ("_"). Based on my research, Internet Explorer blocks
cookies from a server if the its name contains such characters. Please
refer to the following article for detailed information:
PRB: Session Variables Do Not Persist Between Requests After You Install
Internet Explorer Security Patch MS01-055
[url]http://support.microsoft.com/?id=316112[/url]
I look forward to hearing from you.
Have a nice day!
Regards,
HuangTM
Microsoft Online Partner Support
MCSE/MCSD
Get Secure! ¨C [url]www.microsoft.com/security[/url]
This posting is provided ¡°as is¡± with no warranties and confers no rights.
Tian Min Huang Guest
-
Attila #7 Re: Unable to get Forms-based Authentication to work
The problem was that my server name contained uderscores. I removed
the underscores from the server name, and it now works. Thanks.
Attila
[email]timhuang@online.microsoft.com[/email] (Tian Min Huang) wrote in message news:<CpIuc21SDHA.2184@cpmsftngxa06.phx.gbl>...> Hi Attila,
>
> Thanks for your update.
>
> Please check whether your server name contains other characters, say,
> underscore character ("_"). Based on my research, Internet Explorer blocks
> cookies from a server if the its name contains such characters. Please
> refer to the following article for detailed information:
>
> PRB: Session Variables Do Not Persist Between Requests After You Install
> Internet Explorer Security Patch MS01-055
> [url]http://support.microsoft.com/?id=316112[/url]
>
> I look forward to hearing from you.
>
> Have a nice day!
>
> Regards,
>
> HuangTM
> Microsoft Online Partner Support
> MCSE/MCSD
>
> Get Secure! ¨C [url]www.microsoft.com/security[/url]
> This posting is provided ¡°as is¡± with no warranties and confers no rights.Attila Guest
-
John Kievlan #8 Re: Unable to get Forms-based Authentication to work
I will be forever in your debt, friend Tian. I've been
beating my head into the wall over this problem for the
past two weeks... and if I hadn't come across this
thread, I'd *still* be beating my head into the wall. My
server name contained an underscore, and when I started
using ASP.NET, I couldn't store cookies or session
variables... which was EXTREMELY frustrating. Thanks
again.
John Kievlan Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
