ASP.NET 2.0 Form Security Error

Discussion in 'ASP .Net Security' started by Sk, Mar 21, 2006.

  1. Sk

    Sk Guest

    Hi,

    I've the following code in my web.config -

    <authentication mode="Forms">
    <forms loginUrl="Login.aspx"
    protection="All"
    timeout="30"
    name=".ASPXAUTH"
    requireSSL="false"
    slidingExpiration="true"
    defaultUrl="default.aspx"
    cookieless="UseDeviceProfile"
    enableCrossAppRedirects="false" />
    </authentication>

    And if I try "Default.aspx" directly in the browser; it is not pointing to
    Login.aspx!

    Please advice!
    Sk, Mar 21, 2006
    #1
    1. Advertising

  2. add a <authorization> element that denies anonymous users

    <authorization>
    <deny users="?" />
    </authorization>

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi,
    >
    > I've the following code in my web.config -
    >
    > <authentication mode="Forms">
    > <forms loginUrl="Login.aspx"
    > protection="All"
    > timeout="30"
    > name=".ASPXAUTH"
    > requireSSL="false"
    > slidingExpiration="true"
    > defaultUrl="default.aspx"
    > cookieless="UseDeviceProfile"
    > enableCrossAppRedirects="false" />
    > </authentication>
    > And if I try "Default.aspx" directly in the browser; it is not
    > pointing to Login.aspx!
    >
    > Please advice!
    >
    Dominick Baier [DevelopMentor], Mar 21, 2006
    #2
    1. Advertising

  3. Sk

    Sk Guest

    Thanks!
    It worked out pretty well.

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > add a <authorization> element that denies anonymous users
    >
    > <authorization>
    > <deny users="?" />
    > </authorization>
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> Hi,
    >>
    >> I've the following code in my web.config -
    >>
    >> <authentication mode="Forms">
    >> <forms loginUrl="Login.aspx"
    >> protection="All"
    >> timeout="30"
    >> name=".ASPXAUTH"
    >> requireSSL="false"
    >> slidingExpiration="true"
    >> defaultUrl="default.aspx"
    >> cookieless="UseDeviceProfile"
    >> enableCrossAppRedirects="false" />
    >> </authentication>
    >> And if I try "Default.aspx" directly in the browser; it is not
    >> pointing to Login.aspx!
    >>
    >> Please advice!
    >>

    >
    >
    Sk, Mar 21, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sumi

    ASP.NET 2.0 Form Security Error

    Sumi, Mar 21, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    422
    S. Justin Gengo
    Mar 21, 2006
  2. Aaron
    Replies:
    1
    Views:
    346
    John C. Bollinger
    Aug 4, 2003
  3. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    136
    Dinis Cruz
    Oct 11, 2003
  4. Michael Randrup
    Replies:
    3
    Views:
    298
    Henning Krause [MVP]
    Mar 27, 2006
  5. Kursat
    Replies:
    1
    Views:
    312
    Dominick Baier
    May 7, 2007
Loading...

Share This Page