Re: FormsAuthentication.RedirectFromLoginPage
From: Bill Borg (BillBorg_at_discussions.microsoft.com)
Date: 02/16/05
- Next message: DC Gringo: "Re: owc not working"
- Previous message: Marina: "Re: TextBox Question"
- In reply to: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Next in thread: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Reply: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 16 Feb 2005 13:39:04 -0800
Looks pretty good at first blush. Any chance there's a web.config in the
subfolder too (that would override the root)?
Also, per your comment above, I'll be anxious to read Steve's response. I've
been working through all this same stuff lately. To me, redirectfromloginpage
is one of those times where asp.net does *too* much to make it easy, so you
don't really understand what's happening underneath. Afaik, it combines
creating the cookie, creating the authentication ticket stored in the cookie,
persisting them or not, and redirecting to the requested page. You can do all
these yourself if you understand what's happening, and you're forced to do
that in cases I run into all the time, such as wanting to name the cookie
myself, keeping multiple cookies, playing with timeout values per user, etc.
Best discussion I've seen of all this is in Esposito's Programming ASP.NET
(best discussion of most *anything* is in that book). There's also a ton of
great stuff in this forum.
Bill
"Andy Sutorius" wrote:
> Bill,
>
> Thanks for that. I forgot to put in an allow. This is what my web.config
> looks like now. And I am still getting the same response. I am attempting to
> control access into a subdirectory from the web.config in the root folder.
> Any other ideas?
>
> <location path="admin" allowOverride="false">
> <!-- <location path="admin" allowOverride="true"> -->
> <system.web>
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
> </system.web>
> </location>
>
>
> "Bill Borg" <BillBorg@discussions.microsoft.com> wrote in message
> news:2D435316-86B8-4AB5-9792-3110F7C1F9FF@microsoft.com...
> > Steve, doesn't the redirectfromloginpage call create the cookie for you?
> >
> > Andy, I've also had this when my web.config is not set up correctly to
> deny
> > anonymous users and *allow* authenticated users.
> >
> > Bill
> >
> > "Steve C. Orr [MVP, MCSD]" wrote:
> >
> > > It looks like you've forgotten to call SetAuthCookie.
> > > Here's more info:
> > >
> http://authors.aspalliance.com/aspxtreme/sys/Web/Security/FormsAuthenticationClassSetAuthCookie.aspx
> > >
> > > --
> > > I hope this helps,
> > > Steve C. Orr, MCSD, MVP
> > > http://SteveOrr.net
> > >
> > >
> > > "Andy Sutorius" <andy@sutorius.com> wrote in message
> > > news:%sLQd.69593$dt3.7467733@twister.southeast.rr.com...
> > > > Hi,
> > > >
> > > > For some reason the login.aspx webpage redirects to itself after a
> > > > successful login and not to the url in the address bar. I have stepped
> > > > through this with debug and it behaves as it is supposed to. What am I
> > > > overlooking? Try it.
> > > >
> > > > http://www.sutorius.com/psyche
> > > > click the Administration link
> > > > username = user1
> > > > password = user1
> > > >
> > > >
> > > > private void cmdLogin_ServerClick(object sender, System.EventArgs e)
> > > > {
> > > > if (ValidateUser(txtUserName.Value,txtUserPass.Value) )
> > > >
> > > >
> > > >
> FormsAuthentication.RedirectFromLoginPage(txtUserName.Value,chkPersistCookie
> > > > .Checked);
> > > >
> > > > else
> > > >
> > > > lblMsg.Text = "Invalid Log in";
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
>
>
>
- Next message: DC Gringo: "Re: owc not working"
- Previous message: Marina: "Re: TextBox Question"
- In reply to: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Next in thread: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Reply: Andy Sutorius: "Re: FormsAuthentication.RedirectFromLoginPage"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
