S
Simon Harris
Hi All,
I'm trying to setup forms based authentication, so that the user gets
prompted for a password when they try to access /admin (I wont actually call
it that in production of course!)
I want the user/pass to be stored in web.config.
This will be for a website that is otherwise open to anonymous access.
At the moment, I have:
/common/authenticate.aspx - My login page, with the following code,
onclick of the login button:
If FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text)
Then
FormsAuthentication.RedirectFromLoginPage(txtUser.Text,
chkPersistLogin.Checked)
Else
Me.lblErrorMsg.Text = "Result of authentication attempt: " &
FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text)
End If
/admin/web.config, which contains:
<authentication mode="Forms">
<forms name="AdoContentEditor" path="/contenteditor"
loginUrl="/common/authenticate.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="admin" password="password" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
When I try to access an aspx page in /admin, as expected I am redirected to
/common/authenticate.aspx, how ever,
FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text) always
returns 'false'.
I suspect I have got my web.config locations wrong, but have tried a few
combinations...any help/advice will be much appreciated!
Thanks,
Simon.
I'm trying to setup forms based authentication, so that the user gets
prompted for a password when they try to access /admin (I wont actually call
it that in production of course!)
I want the user/pass to be stored in web.config.
This will be for a website that is otherwise open to anonymous access.
At the moment, I have:
/common/authenticate.aspx - My login page, with the following code,
onclick of the login button:
If FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text)
Then
FormsAuthentication.RedirectFromLoginPage(txtUser.Text,
chkPersistLogin.Checked)
Else
Me.lblErrorMsg.Text = "Result of authentication attempt: " &
FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text)
End If
/admin/web.config, which contains:
<authentication mode="Forms">
<forms name="AdoContentEditor" path="/contenteditor"
loginUrl="/common/authenticate.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="admin" password="password" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
When I try to access an aspx page in /admin, as expected I am redirected to
/common/authenticate.aspx, how ever,
FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text) always
returns 'false'.
I suspect I have got my web.config locations wrong, but have tried a few
combinations...any help/advice will be much appreciated!
Thanks,
Simon.