Forms Authentication Timeout

Discussion in 'ASP .Net Security' started by Stu, Aug 4, 2005.

  1. Stu

    Stu Guest

    Hi all,

    I have a forms authentication protected application that doesn't seem to
    redirect back to the login page when the ticket expires. I have the
    web.config set up (for testing purposes) as such:
    <authentication mode="Forms">
    <forms name=".RENOWNSUPPORTAUTH" loginUrl="login.aspx" protection="All"
    timeout="1" path="/" slidingExpiration="false"/>
    </authentication>

    And after 1 minute has rolled around, the page displays this error and
    doesn't redirect back to the login page as expected:
    Server Error in '/FormsAuthenticationTest' Application
    --------------------------------------------------------------------------------

    Access is denied.
    Description: An error occurred while accessing the resources required to
    serve this request. The server may not be configured for access to the
    requested URL.

    Error message 401.2.: You do not have permission to view this directory or
    page using the credentials you supplied. Contact the Web server's
    administrator for help.


    --------------------------------------------------------------------------------
    Version Information: Microsoft .NET Framework Version:1.1.4322.2032; ASP.NET
    Version:1.1.4322.2032

    Appreciate any light anyone can shed on this for me.
    --
    Cheers,
    Stu
     
    Stu, Aug 4, 2005
    #1
    1. Advertising

  2. August 6, 2005

    That sounds strange. Are you in a sub folder when you get the error? Maybe
    it is saying ./login.aspx of the page you are CURRENTLY on, and not from the
    web.config's folder. Maybe try a absolute url path in the web.config? Hope
    this helps!

    --
    Joseph Bittman
    Microsoft Certified Solution Developer

    Web Site: http://71.39.42.23
    Static IP




    "Stu" <> wrote in message
    news:...
    > Hi all,
    >
    > I have a forms authentication protected application that doesn't seem to
    > redirect back to the login page when the ticket expires. I have the
    > web.config set up (for testing purposes) as such:
    > <authentication mode="Forms">
    > <forms name=".RENOWNSUPPORTAUTH" loginUrl="login.aspx" protection="All"
    > timeout="1" path="/" slidingExpiration="false"/>
    > </authentication>
    >
    > And after 1 minute has rolled around, the page displays this error and
    > doesn't redirect back to the login page as expected:
    > Server Error in '/FormsAuthenticationTest' Application.
    > --------------------------------------------------------------------------------
    >
    > Access is denied.
    > Description: An error occurred while accessing the resources required to
    > serve this request. The server may not be configured for access to the
    > requested URL.
    >
    > Error message 401.2.: You do not have permission to view this directory or
    > page using the credentials you supplied. Contact the Web server's
    > administrator for help.
    >
    >
    > --------------------------------------------------------------------------------
    > Version Information: Microsoft .NET Framework Version:1.1.4322.2032;
    > ASP.NET
    > Version:1.1.4322.2032
    >
    > Appreciate any light anyone can shed on this for me.
    > --
    > Cheers,
    > Stu
     
    Joseph Bittman MCSD, Aug 6, 2005
    #2
    1. Advertising

  3. Stu

    Stu Guest

    Hi Joseph,

    Nah, I'm not in a sub folder. I do use the <location> elements of the
    web.config file though so perhaps there is something to do with that??? I
    can't attribute the working/not working of the redirect to either of the
    paths specifically set in the web.config but it is just a thought. I have
    included the whole web.config...

    <system.web>
    <compilation defaultLanguage="c#" debug="true"></compilation>
    <authentication mode="Forms">
    <forms name=".RENOWNSUPPORTAUTH" loginUrl="login.aspx" protection="All"
    timeout="30" path="/" slidingExpiration="true"/>
    </authentication>
    <authorization>
    <deny users="?"/> <!-- Deny access to all unauthenticated users -->
    </authorization>
    <customErrors mode="Off"/>
    </system.web>

    <location path="login.aspx">
    <system.web>
    <authorization>
    <allow users="*"/> <!-- Allow all users -->
    </authorization>
    </system.web>
    </location>
    <location path="logout.aspx">
    <system.web>
    <authorization>
    <allow users="*"/> <!-- Allow all users -->
    </authorization>
    </system.web>
    </location>
    <location path="error.aspx">
    <system.web>
    <authorization>
    <allow users="*"/> <!-- Allow all users -->
    </authorization>
    </system.web>
    </location>
    <location path="scripts/">
    <system.web>
    <authorization>
    <allow users="*"/> <!-- Allow all users -->
    </authorization>
    </system.web>
    </location>
    --
    Cheers,
    Stu


    "Joseph Bittman MCSD" wrote:

    > August 6, 2005
    >
    > That sounds strange. Are you in a sub folder when you get the error? Maybe
    > it is saying ./login.aspx of the page you are CURRENTLY on, and not from the
    > web.config's folder. Maybe try a absolute url path in the web.config? Hope
    > this helps!
    >
    > --
    > Joseph Bittman
    > Microsoft Certified Solution Developer
    >
    > Web Site: http://71.39.42.23
    > Static IP
    >
    >
    >
    >
    > "Stu" <> wrote in message
    > news:...
    > > Hi all,
    > >
    > > I have a forms authentication protected application that doesn't seem to
    > > redirect back to the login page when the ticket expires. I have the
    > > web.config set up (for testing purposes) as such:
    > > <authentication mode="Forms">
    > > <forms name=".RENOWNSUPPORTAUTH" loginUrl="login.aspx" protection="All"
    > > timeout="1" path="/" slidingExpiration="false"/>
    > > </authentication>
    > >
    > > And after 1 minute has rolled around, the page displays this error and
    > > doesn't redirect back to the login page as expected:
    > > Server Error in '/FormsAuthenticationTest' Application.
    > > --------------------------------------------------------------------------------
    > >
    > > Access is denied.
    > > Description: An error occurred while accessing the resources required to
    > > serve this request. The server may not be configured for access to the
    > > requested URL.
    > >
    > > Error message 401.2.: You do not have permission to view this directory or
    > > page using the credentials you supplied. Contact the Web server's
    > > administrator for help.
    > >
    > >
    > > --------------------------------------------------------------------------------
    > > Version Information: Microsoft .NET Framework Version:1.1.4322.2032;
    > > ASP.NET
    > > Version:1.1.4322.2032
    > >
    > > Appreciate any light anyone can shed on this for me.
    > > --
    > > Cheers,
    > > Stu

    >
    >
    >
     
    Stu, Aug 7, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Do
    Replies:
    2
    Views:
    6,407
  2. Eric
    Replies:
    2
    Views:
    1,529
    Tommy
    Feb 13, 2004
  3. Sosh
    Replies:
    1
    Views:
    1,886
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Dec 31, 2005
  4. Eric
    Replies:
    2
    Views:
    596
  5. Mark Probert

    Timeout::timeout and Socket timeout

    Mark Probert, Oct 6, 2004, in forum: Ruby
    Replies:
    1
    Views:
    1,310
    Brian Candler
    Oct 6, 2004
Loading...

Share This Page