Forms Authentication Question

G

Greg

I would like to secure an ASP.NET application with Forms
Authentication. Within the web.config file of the
application, I have the following:

<authentication mode="Forms">
<forms
loginUrl="http://localhost/authenticate/login.aspx"
path="/" />
</authentication>

<authorization>
<deny users="?" />
</authorization>

The IIS Security is set to Anonymous Access. When I
attempt to access a page in my web application, I am
redirected to the login page specified in the URL above.
When I enter the username and password, and click login,
I am redirected again to the same login page. I cannot
get past the login page. What am I doing wrong?
 
N

news.tele.dk

Greg said:
The IIS Security is set to Anonymous Access. When I
attempt to access a page in my web application, I am
redirected to the login page specified in the URL above.
When I enter the username and password, and click login,
I am redirected again to the same login page. I cannot
get past the login page. What am I doing wrong?
Click to expand...

Hey

The;
<forms
loginUrl="x"...

Redirect you to a page where u want unauthorized users to go.
If validation mismatch you will get that pages. That is properly why.

You have to add som credential -Tags to your Web.Config, or make validation
correct in your database.
 
T

Tommy Martin

You need to set the security cookie using either
FormsAuthentication.RedirectFromLoginPage or SetAuthCookie.

Hope this helps.

Tommy
 
G

Greg

Thanks for the reply. I use the
FormsAuthentication.RedirectFromLoginPage method after I
have validated the user's username and password against
our Active Directory.
 
R

Robert Anon

I am having the same problem...

I use Forms authentication and everything works fine on my local comp
(win XP) and DID work on the host's server (win 2k)... but I just got
moved to a win 2k3 server and now I get redirected even after being
authenticated (I have the login page show whether or not a user is
authenticated)
 
R

Robert Anon

Any ideas???

This is really frustrating as it shows that I am logged in as "user"
with the Authentication Method being FORMS ... Nevertheless, I still
can't access the protected directory
 
Z

Z

I believe the problem is that your login page is in a folder that is not
accessible by anonymous users. Put the login.aspx page in a public
<authorization ... allow user="*"> folder and protected pages in a separate
folder (that doesn't allow anonymous users. ) Give it shot. It works
here!!! Also, keep in mind that web.config settings flow down the directory
structure until another web.config is found that overrides its settings.

HTH.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

forms authentication brings up dialog 0
Forms authentication 4
Forms Authentication 8
forms authentication and wildcard mappings on UNC share 1
Forms authentication - clean cookie when close browser 1
What language should I learn to create an authentication website? 2
Forms Authentication: <location> authorization not bypasssing login page. 1
Help in forms authentication 3

Members online

Total: 34 (members: 2, guests: 32)
Robots: 106

Forum statistics

Threads
473,777
Messages
2,569,604
Members
45,221
Latest member
TrinidadKa

Latest Threads

Top