A
Attila
Hello,
I'm new to ASP.NET, and I'm trying to learn how to implement forms
based authentication. However, I don't know what I'm doing wrong.
While the FormsAuthentication.Authenticate method returns true, after
I call FormsAuthentication.RedirectFromLoginPage I am redirected back
to the login page. I would expect that once the Authenticate method is
run, the user should be authenticated, and the user should be able to
view any page on the site.
Any ideas of what I'm doing wrong? Do I need to set a session
variable? Is there something wrong/missing from my web.config file?
Thanks,
Attila
web.config:
<configuration>
<system.web>
<authentication mode="Forms">
<forms name=".helpdesk_admin_dev"
path="/"
loginUrl="LogIn.aspx"
protection="Encryption"
timeout="300">
<credentials passwordFormat="Clear">
<user name="test" password="1234" />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="test" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
LogIn.aspx code:
protected void Login_Click(Object sender, EventArgs E)
{
string strUsername = Username.Value;
string strPassword = Password.Value;
//Validate the username against the web.config file
if(FormsAuthentication.Authenticate(strUsername, strPassword))
{
FormsAuthentication.RedirectFromLoginPage(strUsername, false);
}
else
{
Message.Text = "You did not enter a valid username and password.";
}
}
I'm new to ASP.NET, and I'm trying to learn how to implement forms
based authentication. However, I don't know what I'm doing wrong.
While the FormsAuthentication.Authenticate method returns true, after
I call FormsAuthentication.RedirectFromLoginPage I am redirected back
to the login page. I would expect that once the Authenticate method is
run, the user should be authenticated, and the user should be able to
view any page on the site.
Any ideas of what I'm doing wrong? Do I need to set a session
variable? Is there something wrong/missing from my web.config file?
Thanks,
Attila
web.config:
<configuration>
<system.web>
<authentication mode="Forms">
<forms name=".helpdesk_admin_dev"
path="/"
loginUrl="LogIn.aspx"
protection="Encryption"
timeout="300">
<credentials passwordFormat="Clear">
<user name="test" password="1234" />
</credentials>
</forms>
</authentication>
<authorization>
<allow users="test" />
<deny users="?" />
</authorization>
</system.web>
</configuration>
LogIn.aspx code:
protected void Login_Click(Object sender, EventArgs E)
{
string strUsername = Username.Value;
string strPassword = Password.Value;
//Validate the username against the web.config file
if(FormsAuthentication.Authenticate(strUsername, strPassword))
{
FormsAuthentication.RedirectFromLoginPage(strUsername, false);
}
else
{
Message.Text = "You did not enter a valid username and password.";
}
}