Problems Redirecting from a Login Page

[Gary Coutts]

Hi,

I am have problems redirecting from a login page. The login page is simple,
with just 2 textboxes and one button. On the button click the routine below
is called:

I am using:
Visual Studio 2003 Version 7.1.3008
Framework 1.1 Version 1.1.4322 SP1
Windows XP Pro Version 2002 SP2

I have tried two ways:

protected void LoginUser(Object s,EventArgs e)
{

if(FormsAuthentication.Authenticate(Username.Text,Password.Text))
{

-------- First Way------------
// Redirect to requested URL, or homepage if no previous page
requested
string returnUrl = Request.QueryString["ReturnUrl"];

if (returnUrl == null)
returnUrl = "Home.aspx";

Response.Redirect(returnUrl);

-------- Second Way------------
FormsAuthentication.RedirectFromLoginPage(Username.Text,true) ;
}
}

Below is part of the Web.config for authentication and authorization

<authentication mode="Forms">

<forms name=".LoginCookie" loginUrl="login.aspx" protection="All"
timeout="40" path="/">

<credentials passwordFormat="Clear">

<user name="gwc" password="qfbxra"></user>

</credentials>

</forms>

</authentication>



<authorization>

<allow users="?"></allow>

<deny users="*"></deny> <!-- Used to override <allow
users="*"></allow> in machine.config-->


</authorization>

I searched the web about this problems and have not found any solutions
that work.

Does anyone have any suggestions as I am losing the will to live





Cheers

gwc

 

[Guest]

In Web.config, it should be

<authorization>
<deny users="?" /> <!-- deny anonymous users, otherwise
FormsAuthentication object never works -- >
<allow users="*" /> <!-- Used to override -->
</authorization>


HTH

Elton Wang

 

[Gary Coutts]

Hi Elton,

Thanks for the reply.

My mistake my web.config should have read

<deny users="?" /> <!-- deny anonymous users, otherwise

I had been playing around and forgot to return to the original config.


I tried replacing the

<deny users="*"/>

with your suggested

<allow users="*"/>

but now it gives me access to any of the page without going to the login
page.

Cheers

Gary

In Web.config, it should be

<authorization>
<deny users="?" /> <!-- deny anonymous users, otherwise
FormsAuthentication object never works -- >
<allow users="*" /> <!-- Used to override -->
</authorization>


HTH

Elton Wang

Hi,

I am have problems redirecting from a login page. The login page is
simple,
with just 2 textboxes and one button. On the button click the routine
below
is called:

I am using:
Visual Studio 2003 Version 7.1.3008
Framework 1.1 Version 1.1.4322 SP1
Windows XP Pro Version 2002 SP2

I have tried two ways:

protected void LoginUser(Object s,EventArgs e)
{

if(FormsAuthentication.Authenticate(Username.Text,Password.Text))
{

-------- First Way------------
// Redirect to requested URL, or homepage if no previous page
requested
string returnUrl = Request.QueryString["ReturnUrl"];

if (returnUrl == null)
returnUrl = "Home.aspx";

Response.Redirect(returnUrl);

-------- Second Way------------
FormsAuthentication.RedirectFromLoginPage(Username.Text,true) ;
}
}

Below is part of the Web.config for authentication and authorization

<authentication mode="Forms">

<forms name=".LoginCookie" loginUrl="login.aspx" protection="All"
timeout="40" path="/">

<credentials passwordFormat="Clear">

<user name="gwc" password="qfbxra"></user>

</credentials>

</forms>

</authentication>



<authorization>

<allow users="?"></allow>

<deny users="*"></deny> <!-- Used to override <allow
users="*"></allow> in machine.config-->


</authorization>

I searched the web about this problems and have not found any solutions
that work.

Does anyone have any suggestions as I am losing the will to live





Cheers

gwc