Forms authentication: need help urgently !!!

Discussion in 'ASP .Net' started by, Jun 23, 2005.

  1. Guest

    Hi everybody !

    I'm working on a app and have been doing fine until I now try
    to secure it using Forms authentication. I'm still pretty new to .net
    and very new to "forms authentication" but I understand it's a pretty
    neat thing !

    Here's my problem:
    In my solution I have a main project Called "GUILayer". Here I have all
    the "public" pages.
    In this project I have a subfolder called "admin" which contains all
    admin pages that I want to secure. In this folder I have the loginpage,

    What I want to do is to have all the pages in this folder protected and
    if someone tries to access any pages without login in, they should be
    directed to login.aspx. Upon sucessfull login the user should be
    redirected to index.aspx, in the admin-folder.

    What happens now is, the pages in the admin folder are protected, that
    part is working. I'm always redirected to the login-page when I try to
    access some of the protected pages. But upon sucessfull login, I get
    redirected to "default.aspx", which is the start-page of the root
    folder, (ie. GUILayer/default.aspx).
    I want to be redirected to GUILayer/admin/index.aspx instead.

    I'm not really sure what happens 'backstage' here...
    I'm sure I'm missing something obvious here, and normally I solve
    problems just reading a few tutorials and get a better understanding of
    the problem. The thing now is that I just don't have the time for it.
    So I'm putting it side for a day or two, and hope you can give me some
    advise ! I've always managed to solve my problems through this group
    before and I'm sure I'll do it again !

    The code is below...

    Thanks alot everybody !

    Fredrik Holm

    here's the code for the login page:
    Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles btnLogin.Click

    Dim objContactBL As New ContactBL
    Dim objContact As New Contact
    objContact.Username = txtUsername.Text
    objContact.Password = txtPassword.Text

    If objContactBL.verifyLogin(objContact) = True Then
    Session("ContactID") = CStr(objContact.ContactID)
    Session("FirstName") = CStr(objContact.ContactFName)
    Session("UserName") = CStr(objContact.Username)

    FormsAuthentication.RedirectFromLoginPage(Session("UserName"), False)

    lblMessage.Visible = True
    lblMessage.Text = "Login failed ! Please try again"
    txtUsername.Text = ""
    txtPassword.Text = ""
    End If

    End Sub
    and here's the web.config file. I think I must change something here
    <authentication mode="Forms">
    <forms name="admin" loginUrl="admin/login.aspx" protection="All"
    timeout="30" path="admin/" />
    <allow users="*" /> <!-- Allow all users -->
    <location path="admin"> <!--path can be a direcory or a specificated
    page such as "XXX.aspx"-->
    <deny users="?" /> <!--?=anonymous: deny all users we don't know-->
    , Jun 23, 2005
    1. Advertising

  2. Guest

    hmmm...actually, I take that back..the admin folder is not protected.
    It was working for a while ! I don't know why it doesn't now,,,I
    haven't changed anything...

    , Jun 23, 2005
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Feb 13, 2004
  2. Joey Liang via

    Urgently need help in drop down list..thanx

    Joey Liang via, May 24, 2005, in forum: ASP .Net
    Joey Liang via
    May 24, 2005
  3. gauthier
    Jun 30, 2005
  4. Zino K via
    Bjorn Borud
    Aug 22, 2005
  5. Eric

Share This Page