Q: form authentication complete?

G

Guest

Hello,
I used this site to do form authentication
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod17.asp

My code successfully comes to the point:
if (passwordVerified == true )
{
// The user is authenticated
// At this point, an authentication ticket is normally created
// This can subsequently be used to generate a GenericPrincipal
// object for .NET authorization purposes
// For details, see "How To: Use Forms authentication with GenericPrincipal
// objects
lmsg.Text = "Logon successful: User is authenticated";
Server.Transfer("MyMainPage.aspx", true);.
}

As you see, I do not do anything after that and switch to my main page by
using Server.Transfer("MyMainPage.aspx", true);. My problem is, even if I
have anonymous access and integrated windows checked, I get prompt to login
when I go to my main page. Maybe I should cerate ticket here to complete
authentication. If that is the case, how can I do that?
 
G

Guest

If you use Windows security to secure files, you will have to log in to
access the files. The same is true if you set the config file up to check
whether the user is valid for certain pages. Even with anon access on, you
will end up with a security check if the app is configured to check.

If you would like to have an app on a domain that automatically logs people
in, that is a setting in Internet Explorer. The best way to facilitate is to
talk to the network admins and have them push it.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************
 
G

Guest

I could not believe that nobody is able to answer this question. This whole
concept of authorization, authentication, IIS are complex. Microsoft should
come up with better simple way of handling these issues. High level security
is important but if you have to know all details to have it, then you are
actually missing the whole point of security. It should be implement-able
easily.

Anyway, I put this line
FormsAuthentication.SetAuthCookie(txtUserName.Text,false);
before server transfer, it works fine.
 
J

joey.powell

from... "System.Web.Security" namespace

FormsAuthentication.RedirectFromLoginPage("SomePage.aspx")

This will work by parsing a querystring in Login page's URL. There are
also some entries in web.config that have to be set.

Let the forms security do the redirect/transfer. Do not do it
explicitly. Examples on gotdotnet.com.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Authentication using SQL Server - problem 1
Forms Authentication. Roles problem in IIS7. Any idea? Anyone? 0
Prob: Connecting to MSSQL using windows authentication 7
Help with Form authentication 9
authentication 1
web.config and Anonymous Authentication problems ??? 0
problems understanding Authentication / Authorisation in ASP.NET 2.0. 0
Forms Authentication 4

Members online

No members online now.
Total: 33 (members: 0, guests: 33)
Robots: 324

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,009
Latest member
GidgetGamb

Latest Threads

Top