form authentication parser error.

[raizen]

I have a sub-directory named admin and when a user tries to access the page
inside "admin" folder I would like to use form authentication to validate the
user. It says on many forums that I need the "admin" folder to be virtual
directory which is set as an application so I did. The login page inside
"admin" folder uses code-behind. When I compile and try to view the
login.aspx page I get a "Could not load type 'xxxxxx.login'" Sorta figured
that the page cannot find the bin directory which is in the root directory so
I coded without using code-behind and wrote the authentication script inside
the login.aspx page and this worked. However after the page redirect to the
another page inside "admin" folder. That page fails cause it cannot find the
"bin" directory...

If I don't set "admin" folder as virtual folder and as application, I
receive the following error:

"It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS."

I am desparate...I've been at this problem for last 5 days. Been to all
forums and searched all over internet website.

Could anyone help me out why this is not working properly?

Thanks in advance.

 

[Andrew]

Raizen,

I ran into the *exact* same problem with the *exact* same situation. I
have a web-based application where I want free access to all pages except
pages under the Admin folder. Users must log in to view those pages, and so
forth. And I have been struggling trying to get this to work. I have spent
most of today surfing both the internet and newsgroups, and finally found
(pieced together is more the case) a solution. Now, I don't know if what
worked for me will work for you, but I can think of nothing better than to
share the knowledge. Here goes.....

------------
1) I updated the web.config in the root folder:

Change this:
<authentication mode="Windows" />

To this:
<authentication mode="Forms">
<forms name=".[YourFormNameHere]" loginUrl="login.aspx"
protection="All" timeout="30" path="/" requireSSL="false"
slidingExpiration="true" />
</authentication>

And then add the following right above the final </configuration> tag:

<!-- SET UP AUTHORIZATION USING LOCATION TAG -->
<location path="Admin">
<system.web>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
</system.web>
</location>

------------
2) I removed the login.aspx page from the Admin folder and put it in the
root folder. We are using usernames/passwords stored in a database so I
didn't use anything further in the web.config xml structure.

------------
3) In the IIS manager I set the Admin folder back to a normal, regular
folder.

------------
4) Rebuilt application


And bam! Application works great. You'll need to do some tweaking
and/or error handling for invalid users, blank form fields, etc., but doing
this worked for me.
Again, I don't know if this will fit your scenario, but for what it is
worth, I hope it helps. But I would still like to hear from an MVP on
*both* why your/my original method didn't work, and why my method outlined
above does.

-- Andrew

 

[raizen]

Thank you for post. I knew this workaround but I did not use it since I
wanted to know WHY it does not work when other ppl have no problem
configuring it. The reason I think it works your way is that the login.aspx
is at root directory. When subfolder "admin" is set as a virutal directory
it looks for bin directory but it's not there so we get parser error saying
"Could not load type 'xxxxxx.login'." But in order to use "Form
authentication" the subfolder need to be virtual directory....

If someone could explain why my method does not work properly, I would
appreciate alot.

Raizen,

I ran into the *exact* same problem with the *exact* same situation. I
have a web-based application where I want free access to all pages except
pages under the Admin folder. Users must log in to view those pages, and so
forth. And I have been struggling trying to get this to work. I have spent
most of today surfing both the internet and newsgroups, and finally found
(pieced together is more the case) a solution. Now, I don't know if what
worked for me will work for you, but I can think of nothing better than to
share the knowledge. Here goes.....

------------
1) I updated the web.config in the root folder:

Change this:
<authentication mode="Windows" />

To this:
<authentication mode="Forms">
<forms name=".[YourFormNameHere]" loginUrl="login.aspx"
protection="All" timeout="30" path="/" requireSSL="false"
slidingExpiration="true" />
</authentication>

And then add the following right above the final </configuration> tag:

<!-- SET UP AUTHORIZATION USING LOCATION TAG -->
<location path="Admin">
<system.web>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
</system.web>
</location>

------------
2) I removed the login.aspx page from the Admin folder and put it in the
root folder. We are using usernames/passwords stored in a database so I
didn't use anything further in the web.config xml structure.

------------
3) In the IIS manager I set the Admin folder back to a normal, regular
folder.

------------
4) Rebuilt application


And bam! Application works great. You'll need to do some tweaking
and/or error handling for invalid users, blank form fields, etc., but doing
this worked for me.
Again, I don't know if this will fit your scenario, but for what it is
worth, I hope it helps. But I would still like to hear from an MVP on
*both* why your/my original method didn't work, and why my method outlined
above does.

-- Andrew

I have a sub-directory named admin and when a user tries to access the page
inside "admin" folder I would like to use form authentication to validate the
user. It says on many forums that I need the "admin" folder to be virtual
directory which is set as an application so I did. The login page inside
"admin" folder uses code-behind. When I compile and try to view the
login.aspx page I get a "Could not load type 'xxxxxx.login'" Sorta figured
that the page cannot find the bin directory which is in the root directory so
I coded without using code-behind and wrote the authentication script inside
the login.aspx page and this worked. However after the page redirect to the
another page inside "admin" folder. That page fails cause it cannot find the
"bin" directory...

If I don't set "admin" folder as virtual folder and as application, I
receive the following error:

"It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This error
can be caused by a virtual directory not being configured as an application
in IIS."

I am desparate...I've been at this problem for last 5 days. Been to all
forums and searched all over internet website.

Could anyone help me out why this is not working properly?

Thanks in advance.