M
MS News Public
Hi
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
.. SecurePage.aspx - The page I want only authenticated users that are
members of the Role to use.
.. Login.aspx - Login page
.. Unauthorized.aspx - Informs user that they cannot view the secure page
because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As
System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to
login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it
works ok.
If I first login with "test", which is NOT in the Role, then I am transfered
to the "unauthorized.aspx" page.
Upto this point, this is fine.
However, if I click "Logout" on the LoginStatus control on the
"unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in
the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=/unauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is
where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back
to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not
working?
Is there some settings or something I need to change on my PC? Am I missing
a step or not doing something?
I've checked the obvious things - like that the user was actually in the
Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for
what the problem is?
I have gone through re-doing the project twice now and I still get the same
problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
This project is actually from a training video from learnvisualstudio.net
(available also via www.asp.net). It is Lesson 09 on ASP basics. On the
video, this project works fine, but it does not on my PC.
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
email: (e-mail address removed)
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
.. SecurePage.aspx - The page I want only authenticated users that are
members of the Role to use.
.. Login.aspx - Login page
.. Unauthorized.aspx - Informs user that they cannot view the secure page
because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As
System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to
login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it
works ok.
If I first login with "test", which is NOT in the Role, then I am transfered
to the "unauthorized.aspx" page.
Upto this point, this is fine.
However, if I click "Logout" on the LoginStatus control on the
"unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in
the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=/unauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is
where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back
to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not
working?
Is there some settings or something I need to change on my PC? Am I missing
a step or not doing something?
I've checked the obvious things - like that the user was actually in the
Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for
what the problem is?
I have gone through re-doing the project twice now and I still get the same
problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
This project is actually from a training video from learnvisualstudio.net
(available also via www.asp.net). It is Lesson 09 on ASP basics. On the
video, this project works fine, but it does not on my PC.
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
email: (e-mail address removed)