C
cab0san
I have several applications all on the same server. I would like them
to all use the same login page.
Example:
http://server1/customers/app1.aspx
http://server1/suppliers/byregion/app2.aspx
I have a login page located in the root of the same server:
http://server1/login.aspx
None of these are virtual directories.
The web.config file for customers/ and suppliers/byregion/ looks like
this:
<authentication mode="Forms">
<forms loginUrl="/login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
The web.config for the root web looks like this
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
Both apps are configured to allow anonymous in iis.
The login page code looks like this:
Dim tkt As FormsAuthenticationTicket
tkt = New FormsAuthenticationTicket(1, Me.txtUser.Text, DateTime.Now(),
DateTime.Now.AddMinutes(30), True, "<group info would go here>")
Dim cookiestr As String
cookiestr = FormsAuthentication.Encrypt(tkt)
Dim ck As HttpCookie
ck = New HttpCookie(".ASPXAUTH", cookiestr)
ck.Expires = tkt.Expiration
ck.Path = "/"
Response.Cookies.Add(ck)
Dim strRedirect As String
strRedirect = Request("ReturnURL")
Response.Redirect(strRedirect)
When I request a page in customers, like
http://server1/customers/app1.aspx, I am redirected to the login page
(good), bet when I click logon and run the above code, it just returns
to the login page again (bad).
The "ReturnURL" is correct, as I have seen in debug mode.
I'm guessing that app1 is rejecting my cookie, and returning me to the
login page again, but why?
I must be missing something simple. Any ideas?
to all use the same login page.
Example:
http://server1/customers/app1.aspx
http://server1/suppliers/byregion/app2.aspx
I have a login page located in the root of the same server:
http://server1/login.aspx
None of these are virtual directories.
The web.config file for customers/ and suppliers/byregion/ looks like
this:
<authentication mode="Forms">
<forms loginUrl="/login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
The web.config for the root web looks like this
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
Both apps are configured to allow anonymous in iis.
The login page code looks like this:
Dim tkt As FormsAuthenticationTicket
tkt = New FormsAuthenticationTicket(1, Me.txtUser.Text, DateTime.Now(),
DateTime.Now.AddMinutes(30), True, "<group info would go here>")
Dim cookiestr As String
cookiestr = FormsAuthentication.Encrypt(tkt)
Dim ck As HttpCookie
ck = New HttpCookie(".ASPXAUTH", cookiestr)
ck.Expires = tkt.Expiration
ck.Path = "/"
Response.Cookies.Add(ck)
Dim strRedirect As String
strRedirect = Request("ReturnURL")
Response.Redirect(strRedirect)
When I request a page in customers, like
http://server1/customers/app1.aspx, I am redirected to the login page
(good), bet when I click logon and run the above code, it just returns
to the login page again (bad).
The "ReturnURL" is correct, as I have seen in debug mode.
I'm guessing that app1 is rejecting my cookie, and returning me to the
login page again, but why?
I must be missing something simple. Any ideas?