Use Form Authentication to control visibility of tag for logged-in users

Discussion in 'ASP .Net Security' started by liuhang@gmail.com, Feb 10, 2006.

  1. Guest

    Hi, guys,

    I'm trying to migrate one of my application written in .NET 1.1 to the
    new 2.0, and keep the Form type Authentication for the login part,
    which should only show the LogOff tag on the banner to logged-in users.
    Currently I'm having problem to show the LogOff tab after valid user
    login. It works fine when I browse it using "View In Browser" in my
    VS2005, but if i open a new IE and start from localhost, it doesn't
    work. The code of the authentication part in my Banner.ascx.vb looks
    like:

    ...... ......
    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles MyBase.Load
    Dim tabItems As New ArrayList

    If Request.IsAuthenticated = True Then
    ' If isAuthenticated add log tab
    ' add the Log tab (all users can see this tab)
    ... ...

    tabItems.Add(New TabItem("Other",
    "otherPage.aspx?index=" & tabItems.Count))
    tabItems.Add(New TabItem("Help", "ctnHelp.aspx?index="
    & tabItems.Count))
    ...... ......
    End If

    'Show log off button if user is form authenticated
    If Context.User.Identity.AuthenticationType Is "Forms" Then
    LogOff.Visible = True
    End If
    .....

    and in my web.config I've included:

    <authentication mode="Forms">
    <forms name=".ASPXAUTH" protection="All" timeout="60"
    loginUrl="desktopdefault.aspx"/>
    </authentication>
    <identity impersonate="true"/>

    Is it related to the configuration of ASP.NET 2.0 security in IIS, and
    even cookies? I've searched on Google and still cann't find an answer
    so far. Does any of you have idea what the problem could be and how
    should I overcome it?

    TIA. Alan
     
    , Feb 10, 2006
    #1
    1. Advertising

  2. It looks as if the Context User Idenetity is lost when viewing from
    localhost
    Patrick

    <> wrote in message
    news:...
    > Hi, guys,
    >
    > I'm trying to migrate one of my application written in .NET 1.1 to the
    > new 2.0, and keep the Form type Authentication for the login part,
    > which should only show the LogOff tag on the banner to logged-in users.
    > Currently I'm having problem to show the LogOff tab after valid user
    > login. It works fine when I browse it using "View In Browser" in my
    > VS2005, but if i open a new IE and start from localhost, it doesn't
    > work. The code of the authentication part in my Banner.ascx.vb looks
    > like:
    >
    > ...... ......
    > Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
    > System.EventArgs) Handles MyBase.Load
    > Dim tabItems As New ArrayList
    >
    > If Request.IsAuthenticated = True Then
    > ' If isAuthenticated add log tab
    > ' add the Log tab (all users can see this tab)
    > ... ...
    >
    > tabItems.Add(New TabItem("Other",
    > "otherPage.aspx?index=" & tabItems.Count))
    > tabItems.Add(New TabItem("Help", "ctnHelp.aspx?index="
    > & tabItems.Count))
    > ...... ......
    > End If
    >
    > 'Show log off button if user is form authenticated
    > If Context.User.Identity.AuthenticationType Is "Forms" Then
    > LogOff.Visible = True
    > End If
    > .....
    >
    > and in my web.config I've included:
    >
    > <authentication mode="Forms">
    > <forms name=".ASPXAUTH" protection="All" timeout="60"
    > loginUrl="desktopdefault.aspx"/>
    > </authentication>
    > <identity impersonate="true"/>
    >
    > Is it related to the configuration of ASP.NET 2.0 security in IIS, and
    > even cookies? I've searched on Google and still cann't find an answer
    > so far. Does any of you have idea what the problem could be and how
    > should I overcome it?
    >
    > TIA. Alan
    >
     
    Patrick.O.Ige, Feb 11, 2006
    #2
    1. Advertising

  3. Alan Guest

    Patrick, thanks for the reply. That's one of the reason I've thought of
    too. So I guess it's not a ASP.NET problem but rather is associated w/
    the IIS configuration. I didn't see anything wrong w/ the settings in
    my IIS, it's where I'm stuck.
     
    Alan, Feb 13, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. keithb
    Replies:
    0
    Views:
    662
    keithb
    Feb 16, 2006
  2. shruds
    Replies:
    1
    Views:
    966
    John C. Bollinger
    Jan 27, 2006
  3. Replies:
    1
    Views:
    980
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Apr 12, 2007
  4. André
    Replies:
    2
    Views:
    800
    André
    Jun 23, 2008
  5. Lorenzo

    Form Authentication and logged in users (newbie)

    Lorenzo, Nov 17, 2005, in forum: ASP .Net Security
    Replies:
    3
    Views:
    165
    Brock Allen
    Nov 18, 2005
Loading...

Share This Page