RE: Forms authentication not working right

From: Stu (Stu_at_discussions.microsoft.com)
Date: 08/04/05 

Date: Wed, 3 Aug 2005 16:14:03 -0700

Couple of things to try....

Check that the folder name is correct case. I think that the <location>
element's path attribute is case sensitive.

Also, i think that your <authorization> element should be like this...
<authorization>
   <deny users="?" />
</authorization>
And then you would want another <location> element for "PublisherLogin.aspx"
where the authorization section would be like this...
<authorization>
   <allow users="*" />
</authorization>

See how that goes anyway. 

-- 
Cheers,
Stu
"Joe" wrote:
> I have a subfolder protected with Forms Authentication. When any page in 
> that folder is requested my login page comes up and the user is prompted to 
> login. This works fine.
> Once the user info is validated I create a cookie and setup the 
> FormsAuthentication.
> 
> The problem I get is that the Redirect always gets kicked back to the login 
> page.
> 
> FormsAuthentication.Initialize();
> 
>     FormsAuthenticationTicket ticket;
>     string cookieString;
>     HttpCookie cookie;
> 
>     ticket = new FormsAuthenticationTicket(1,
>      user.Text,
>      DateTime.Now,
>      DateTime.Now.AddMinutes(30),
>      false,
>      "Data",
>      FormsAuthentication.FormsCookiePath);
> 
>     cookieString = FormsAuthentication.Encrypt(ticket);
>     cookie = new HttpCookie(FormsAuthentication.FormsCookieName, 
> cookieString);
>     Response.Cookies.Add(cookie);
>     string strQuery = FormsAuthentication.GetRedirectUrl(user.Text,false);
>     Response.Redirect(strQuery);
> 
> <location path="Publisher">
>   <system.web>
>    <compilation defaultLanguage="c#" debug="true" />
>    <customErrors mode="Off" />
>    <authentication mode="Forms">
>     <forms name=".ASPXAUTH" loginUrl="..\PublisherLogin.aspx" timeout="30">
>     </forms>
> 
>    </authentication>
>    <authorization>
>     <deny users="?" />
>     <allow users ="*"/>
>    </authorization>
>   </system.web>
>  </location>
> 
> I had this problem another time but can't remember how I fixed it...
> 
> Thanks,
> Joe 
> 
> 
>

Relevant Pages

  • Some help required: Different flavour of logon via FormsAuthentication?
    ... I've been doing some asp.net coding, and I've created an app ... Broker (top level app folder, contains web.config, deny all unauth ... and that will force anyone to login if they try to go to Broker or CP, ... authentication details in a cookie, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Cookies not written to specified directory
    ... which acts as a thunking layer between the login web ... IE 6 is some instances place the cookie in the following folder: ... It is not just our web application which write to this temp cookie folder, ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: web.config roles
    ... what i have tried is to use a role based authorization. ... FormsAuthentication login page. ... string encryptedTicket = FormsAuthentication.Encrypt; ... // Create a cookie and add the encrypted ticket as data ...
    (microsoft.public.dotnet.framework.aspnet)
  • Forms authentication not working right
    ... I have a subfolder protected with Forms Authentication. ... that folder is requested my login page comes up and the user is prompted to ... Once the user info is validated I create a cookie and setup the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Forms Authorization
    ... I'm setting up my authorization in web.config to reject ... everybody and allow users with a specific role to a folder. ... login page, ... make sure the cookie timeout is refreshed on all ...
    (microsoft.public.dotnet.framework.aspnet.security)