System.Web.Security.FormsAuthentication.RedirectFromLoginPage is not working..

[TaeHo Yoo]

Thanks in advance,

What I did was

1. add these lines in web.cofig file
<authentication mode="Forms">
<forms name="frmAuthentication" loginUrl="login.aspx"
protection="All" path="/" />
</authentication>
<authorization>
<deny users="*" /> <!-- Allow all users -->
</authorization>

2. create login.aspx and default.aspx
3. add this line in login.aspx for submit click event
Dim theUser As New Online_Employment_Manager_Business.User()

If theUser.Login(txtUserName.Text, txtPassword.Text)Then
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(txtUserNam
e.Text, True)
Else
'Login failed - show the message
Page.RegisterStartupScript("LoginFailed", "<script
language=""JavaScript"">alert('Login Failed.\n\nPlease check your login
information and try again.');</script>")
End If

although theUser.Login passed True the page remains in login.aspx.

Did I miss something?

Thanks

 

[Teemu Keiski]

You have error in the web.config.

This setting:
<authorization>
<deny users="*" /> <!-- Allow all users -->
</authorization>

denies all access to the protected pages, despite is the user authenticated
or not. It should be:

<authorization>
<deny users="?" /> <!-- Allow authenticated users -->
</authorization>

In this case only unauthenticated users are redirected to the login page.

--
Teemu Keiski
MCP,Designer/Developer
Mansoft tietotekniikka Oy
http://www.mansoft.fi

ASP.NET Forums Moderator, www.asp.net
AspAlliance Columnist, www.aspalliance.com

Email:
(e-mail address removed)