G
Guest
Hello friends,
I am building a website hosted through DSL box. It uses Form Authentication.
When I tested from local network machine, it worked fine: Asking me to login
if I
tried non-public pages. After I typed in user name and password, it directed
me to the page I wanted.
However, if a person tried to access it through internet, e.g., a machine
from
client, it stays in Login.aspx page, even after correct user name and
password were entered.
Any ideas?Thanks a lot. (Someone said it could be IIS setting problem?)
The following is the source code for authentication. Any code could be wrong?
---------------------------------------------------------------------
if (this.IsPostBack)
{
myTools.SQL mSQL = new
SQL(System.Configuration.ConfigurationSettings.AppSettings["sqlConnectionString"]);
System.Data.DataSet mDataSet = mSQL.sqlExecLoginQuery("sp_Login",
Request.Form["txtLoginName"]);
if (mDataSet.Tables[0].Rows.Count == 0)
Response.Redirect("NewUser.aspx"); //a new user
else
{
if
(FormsAuthentication.HashPasswordForStoringInConfigFile(Request.Form["txtPswd"], "MD5") != mDataSet.Tables[0].Rows[0]["pswd"].ToString())
{
this.loginInfo.Text = "Invalid password. Please try again.";
}
else
{
Session["userID"] = mDataSet.Tables[0].Rows[0]["userID"].ToString();
Session["loginName"] =
mDataSet.Tables[0].Rows[0]["loginName"].ToString();
FormsAuthentication.SetAuthCookie(Request.Form["txtLoginName"], true);
FormsAuthentication.RedirectFromLoginPage(Request.Form["txtLoginName"], true);
}
}
I am building a website hosted through DSL box. It uses Form Authentication.
When I tested from local network machine, it worked fine: Asking me to login
if I
tried non-public pages. After I typed in user name and password, it directed
me to the page I wanted.
However, if a person tried to access it through internet, e.g., a machine
from
client, it stays in Login.aspx page, even after correct user name and
password were entered.
Any ideas?Thanks a lot. (Someone said it could be IIS setting problem?)
The following is the source code for authentication. Any code could be wrong?
---------------------------------------------------------------------
if (this.IsPostBack)
{
myTools.SQL mSQL = new
SQL(System.Configuration.ConfigurationSettings.AppSettings["sqlConnectionString"]);
System.Data.DataSet mDataSet = mSQL.sqlExecLoginQuery("sp_Login",
Request.Form["txtLoginName"]);
if (mDataSet.Tables[0].Rows.Count == 0)
Response.Redirect("NewUser.aspx"); //a new user
else
{
if
(FormsAuthentication.HashPasswordForStoringInConfigFile(Request.Form["txtPswd"], "MD5") != mDataSet.Tables[0].Rows[0]["pswd"].ToString())
{
this.loginInfo.Text = "Invalid password. Please try again.";
}
else
{
Session["userID"] = mDataSet.Tables[0].Rows[0]["userID"].ToString();
Session["loginName"] =
mDataSet.Tables[0].Rows[0]["loginName"].ToString();
FormsAuthentication.SetAuthCookie(Request.Form["txtLoginName"], true);
FormsAuthentication.RedirectFromLoginPage(Request.Form["txtLoginName"], true);
}
}