V
vipergtsrz
I am wanting to use Forms Authentication on my site, and I have the
exact same code on another site I am using, but it's not working on
this one.
I only want to limit the "admin" folder to require me to log in, so I
have this in my web config:
<location path="admin" >
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
</location>
When I first go to the admin section of the site, it redirects me to
the login page like it should. I log in, and it goes to the admin
section just fine. Then, if I go to the normal part of the site that
isn't "protected", it seems to lose my login. When I use
User.IsInRole("Administrator") or User.Identity.IsAuthenticated they
always return false. I am still able to go to the admin section, but I
am not authenticated.
Here is the code I am putting in my global.asax file:
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e
As EventArgs)
If Request.IsAuthenticated Then
Dim UserID As New SqlParameter("@Username",
User.Identity.Name)
Dim reader As SqlDataReader =
SqlHelper.ExecuteReader(ConfigurationSettings.AppSettings("connectionString"),
CommandType.StoredProcedure, "rolesForUser", UserID)
Dim roleList As New ArrayList
Do While reader.Read
roleList.Add(reader("Name"))
Loop
Dim roleListArray As String() =
roleList.ToArray(GetType(String))
HttpContext.Current.User() = New
GenericPrincipal(User.Identity, roleListArray)
End If
End Sub
The problem is that Request.IsAuthenticated is returning "False" after
I go to another page. Here is the rest of my web.config file to: (that
have to do with this)
<authentication mode="Forms">
<forms name="Form1" loginUrl="login.aspx" protection="All"
timeout="30" path="/"/>
</authentication>
Any help with this would be greatly appreciated. I am sure it's
probably something wrong with some random IIS setting I have or
something that's messing it up. Thank you for your time!
exact same code on another site I am using, but it's not working on
this one.
I only want to limit the "admin" folder to require me to log in, so I
have this in my web config:
<location path="admin" >
<system.web>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
</location>
When I first go to the admin section of the site, it redirects me to
the login page like it should. I log in, and it goes to the admin
section just fine. Then, if I go to the normal part of the site that
isn't "protected", it seems to lose my login. When I use
User.IsInRole("Administrator") or User.Identity.IsAuthenticated they
always return false. I am still able to go to the admin section, but I
am not authenticated.
Here is the code I am putting in my global.asax file:
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e
As EventArgs)
If Request.IsAuthenticated Then
Dim UserID As New SqlParameter("@Username",
User.Identity.Name)
Dim reader As SqlDataReader =
SqlHelper.ExecuteReader(ConfigurationSettings.AppSettings("connectionString"),
CommandType.StoredProcedure, "rolesForUser", UserID)
Dim roleList As New ArrayList
Do While reader.Read
roleList.Add(reader("Name"))
Loop
Dim roleListArray As String() =
roleList.ToArray(GetType(String))
HttpContext.Current.User() = New
GenericPrincipal(User.Identity, roleListArray)
End If
End Sub
The problem is that Request.IsAuthenticated is returning "False" after
I go to another page. Here is the rest of my web.config file to: (that
have to do with this)
<authentication mode="Forms">
<forms name="Form1" loginUrl="login.aspx" protection="All"
timeout="30" path="/"/>
</authentication>
Any help with this would be greatly appreciated. I am sure it's
probably something wrong with some random IIS setting I have or
something that's messing it up. Thank you for your time!