RE: Forms Authentication Using SQL Server 2000 Database



Please ignore this post! See later post regarding roles being ignored.

WR

"WhiskeyRomeo" wrote:

"WhiskeyRomeo" wrote:

I have looked at this example and it uses the webconfig file as the external
datasource. So that was totally unhelpful.

http://www.aspnettutorials.com/tutorials/validation/authentication-aspnet2-vb.aspx

I have a 1.1 Login form that implements forms authentication that obviously
will not convert to VS 2005. It uses a sqlcommand to verify the username and
password and if validated retrieves certain information about the user via a
datareader.

Does anyone have a real world example using SQLServer 2000 or 2005?

WR

I wanted to add I uses roles and here is my webconfig file settings for the
1.1 application:

<authentication mode="Forms">
<!-- old setting was Windows -->
<forms name="UPAuth" loginUrl="login.aspx" slidingExpiration="true"
protection="All" timeout="20" path="/">
<credentials passwordFormat="Clear">
</credentials>
</forms>
</authentication>
<location path="Admin">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Admin" />
<deny roles="Photog,Super,Public" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Super">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Super,Admin" />
<deny roles="Photog,Public" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Reports">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Super,Admin,Photog" />
<deny roles="Public" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Public">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Super,Admin,Public" />
<deny roles="Photog" />
<deny users="?" />
</authorization>
</system.web>
</location>



.



Relevant Pages

  • Re: Stupid Forms Auth Question
    ... You seem to have forgotten to put in the "authorization" section of the ... > I've built a login form for a very simple website using C#/ASP.NET. ... > And here's the problem - I can bypass the login screen and get to other ... For example, when the credentials are ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Forms Authentication Using SQL Server 2000 Database
    ... So that was totally unhelpful. ... I have a 1.1 Login form that implements forms authentication that obviously ...
    (microsoft.public.dotnet.framework.aspnet.security)