Re: Forms Authentication w/SubFolders

From: Joel Finkel (finkel_at_sdi.com)
Date: 08/03/03


Date: Sun, 3 Aug 2003 01:20:11 -0500


I have come into this newsgroup precisely to look for an answer to this. I
am quite amazed to see this very question! Furthermore, I see a posting
made a few days later that reports a similar issue: Sucessful authentication
returns to the login page.

My situation is that in root, aspx pages authenticate fine (the login.aspx
form is in the root, as well). But in sub-directories, while the login.aspx
form is correctly invoked, the redirect returns to the login.aspx page.
This happens regardless of the presense of a web.config file in the
subdirectory, or the contents of it. I have played around with variations
for about 3 hours. I have verified that the cookies is being created and
sent, but for some reason the application in the sub-directory is not hip to
the fact that this cookie exists, and returns to the login.aspx page.

Pretty big problem. Hope there is a simple fix.

Thanks for all suggestions.
-Joel

"JTR" <jtrichard@sotasw.com> wrote in message
news:038001c35618$a80ca270$a601280a@phx.gbl...
> I'm trying to create a structure I can share
> authentication from a root application with many
> subordinate applications (subfolders).
>
> The web.config file for the root has:
>
> <authorization>
> <allow users="*" />
> </authorization>
>
> Then, each subordinate application (subfolder) has a
> web.config with the following:
>
> <authentication mode="Forms">
> <forms name=".BUZZARD"
> loginUrl="../login.aspx">
> </forms>
> </authentication>
> <authorization>
> <deny users="?" />
> </authorization>
>
> When the user access a resource in a subfolder, the login
> form is displayed and authenticates the user correctly,
> including the creation of an authentication ticket. But,
> when the login form attempts to redirect the browser to
> the requested secure resource, the login form is
> redisplayed. I have tried using
> FormsAuthentication.RedirectFromLoginPage() and
> Response.Redirect() with the same results.
>
> Any ideas?
>
> JTR.



Relevant Pages

  • Re: Forms Authentication w/SubFolders
    ... I was able to demonstrate the same as you in terms of ASPX ... in the root folder's BIN folder. ... >> authentication from a root application with many ... >> when the login form attempts to redirect the browser to ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Forms Authentication w/SubFolders
    ... > made a few days later that reports a similar issue: Sucessful authentication ... > the fact that this cookie exists, and returns to the login.aspx page. ... >>When the user access a resource in a subfolder, ... >>when the login form attempts to redirect the browser to ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Forms Authentication w/SubFolders
    ... subordinate applications. ... The web.config file for the root has: ... When the user access a resource in a subfolder, ... including the creation of an authentication ticket. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Logon Window Appears on siblings of authenticated directories
    ... Windows Auth, and a physical directory under root. ... authentication when my user identity was recognized on the machine -- which ... when virtual directories and authentication are ...
    (microsoft.public.inetserver.iis)
  • Re: Forms Authentication - Cookie not being generated...
    ... It was very interesting and I learnt plenty from just taking ... Never thought I could secure a directory from one root ... The login page is ... > access with Forms authentication so your login page (and all protected ...
    (microsoft.public.dotnet.framework.aspnet.security)