Re: Configuration Error using Forms Authentication

From: Joseph MCAD (anonymous_at_microsoft.discussions.com)
Date: 04/09/05 

Date: Sat, 9 Apr 2005 07:44:41 -0700

April 9, 2005

    If I understand correctly DBPractice is the root directory and Register
is another folder (not virtual directory). Assuming this... Web.Config files
inherit the settings farther up the filepath. The config file in register
inherits the dbpractice config which in turn inherits from Machine.config.
Also, like I said earlier, is that in order to be able to declare the
authentication element in the config, the folder it is in must be a virtual
directory. Because this is not the case this is where your problem is coming
from. Since the register config inherits the root virtual directory, you can
remove the authentication element. You can think of inheritance as if you
add all of the elements from the web.config files above yours in the
filesystem. Then you decide which ones to change. Also, you have denied
unauthenticated users the ability to view pages in the root directory (which
is correct) and allowed unauthenticated users the ability to view the login
page. Both are correct, besides the fact that you must specify in the root
config file where the people can login. Right now you have denied access and
have not allowed them to login, unless they browse to the page themselves.
If you specify the <forms> element with the attribute
loginUrl="Register\Login.aspx" then it will Automatically Redirect
unauthenticated users to this page. Then the users do not have to find the
login page themselves...

<authentication mode="Forms">
<forms loginUrl="Register\Login.aspx"/>
</authentication>

Just to be clear... Because the register config file inherits from the root,
you do not need to specify the authentication element again (which is
actually illegal to the machine to specify it in a non-vdirectory). Hope
this helps and I wish you the best of luck with your internship! Feel free
to ask more questions!

                                                                             
                                                                             
                      Joseph MCAD

"nmt via DotNetMonster.com" <forum@DotNetMonster.com> wrote in message
news:f7dc5e4c3d4a44898cf83f1153e7a7bb@DotNetMonster.com...
> Thanks a lot for your help! This is my first time developing a login form.
> It's an exciting task, but it can also be very frustrating! Also, I am
> doing this as a project for the company I am interning for, so I want to
> get it right!
>
> HERE IS AN OUTLINE OF MY PROJECT:
> Solution 'dbPractice'
> dbPractice
> Register(folder)
> Register.aspx
> Web.config
> Login.aspx
> Web.config
> ----------
> The root Web.config file says this:
>
> <authentication mode="Forms" />
> <authorization>
> <deny users="?" />
> </authorization>
> ----------
> The Register/Web.config file says this:
>
> (when I created this file, the authentication mode was set to 'Windows',
> and I changed it to 'Forms')
>
> <authentication mode="Forms" />
> <authorization>
> <allow users="*" />
> </authorization>
> ----------
>
> The virtual directory path in the Internet Services Manager for dbPractice
> is:
> http://localhost/dbPractice/
>
> ----------
> Also, in the book I am using as a reference (ASP.NET Unleashed) it states
> this little note:
>
> 'The Register.aspx page is contained in its own directory with its own
> Web.config file. The
> Web.config file enables anonymous access to files in the directory.
> Enabling access this way is
> necessary to enable unauthenticated users to register. (You could also
> enable anonymous access to the
> Register.aspx page with the location element in the root Web.config
> file.)'
>
> --
> Message posted via http://www.dotnetmonster.com

Relevant Pages

  • Re: Remoting Help Required
    ... .config file, register it as a well known type and as long as it's in the ... instances of your app out there pointing to a separate instance of that dll. ... > Now I have a request to run multiple versions of the reports on the ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Remoting Help Required
    ... > .config file, register it as a well known type and as long as it's in the ... > bin directory of the Remoting Server you're good to go. ... > You don't need to .dll at all on the client machine and by hosting it on a ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Debugging Class Library
    ... After changing the setting you recommended, F5 result in an error of: "Unable to start debugging on the web server. ... Not enough storage is available to complete this operation." ... The .bin dll showing in the virtual directory runs fine. ... It is using the .config file in the virtual directory. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Using app.config in ISMTPOnArrival implementation
    ... I need to write and register under SMTP in Windows 2000 my own COM using ISMTPOnArrival OnArrival interface. ... Where should I store my .config file and should I use specific .config file for each registered COM. ...
    (microsoft.public.dotnet.framework.interop)
  • Using app.config in ISMTPOnArrival implementation
    ... I need to write and register under SMTP in Windows 2000 my own COM using ISMTPOnArrival OnArrival interface. ... Where should I store my .config file and should I use specific .config file for each registered COM. ...
    (microsoft.public.exchange.development)