P
Paul K
I'm having a problem getting forms authentication to work.
I have two web config files. The first one (located in
the application directory) is defined as follows:
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="default.aspx"/>
</authentication>
</system.web>
</configuration>
The second one (located in a subdirectory
named "private") is defined as follows:
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
My authentication code follows:
if (!mBLL.AuthenticateUser(txtUID.Text, txtPassword.Text,
ref dt))
{
lblError.Text = "The provided credentials could
not be authenticated. Please try again.";
}
else
{
Session.Contents.Add("UID",(object)txtUID.Text);
Session.Contents.Add("EName",(object)(dt.Rows[0]
["FName"].ToString() + " " + dt.Rows[0]["LName"].ToString
()));
Session.Contents.Add("EKey",dt.Rows[0]
["EmployeeKey"]);
Session.Contents.Add("IsAdmin",dt.Rows[0]
["IsAdmin"]);
Session.Contents.Add("WeekEnding",null);
Session.Contents.Add("SelDate",null);
url = FormsAuthentication.GetRedirectUrl
(txtUID.Text,true);
if (url == "/EPES/default.aspx")
url = "private/production.aspx?MOVEWEEK=NONE";
Response.Redirect(url);
Whenever I try to access production.aspx directly, I am
not redirected to default.aspx.
If I test the result of the User.Identity.IsAuthenticated
property on production.aspx, it is true (even without
being authenticated).
Any help would be greatly appreciated!
Paul K
I have two web config files. The first one (located in
the application directory) is defined as follows:
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="default.aspx"/>
</authentication>
</system.web>
</configuration>
The second one (located in a subdirectory
named "private") is defined as follows:
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
My authentication code follows:
if (!mBLL.AuthenticateUser(txtUID.Text, txtPassword.Text,
ref dt))
{
lblError.Text = "The provided credentials could
not be authenticated. Please try again.";
}
else
{
Session.Contents.Add("UID",(object)txtUID.Text);
Session.Contents.Add("EName",(object)(dt.Rows[0]
["FName"].ToString() + " " + dt.Rows[0]["LName"].ToString
()));
Session.Contents.Add("EKey",dt.Rows[0]
["EmployeeKey"]);
Session.Contents.Add("IsAdmin",dt.Rows[0]
["IsAdmin"]);
Session.Contents.Add("WeekEnding",null);
Session.Contents.Add("SelDate",null);
url = FormsAuthentication.GetRedirectUrl
(txtUID.Text,true);
if (url == "/EPES/default.aspx")
url = "private/production.aspx?MOVEWEEK=NONE";
Response.Redirect(url);
Whenever I try to access production.aspx directly, I am
not redirected to default.aspx.
If I test the result of the User.Identity.IsAuthenticated
property on production.aspx, it is true (even without
being authenticated).
Any help would be greatly appreciated!
Paul K
