Forms authentication page not called


R

R.A.M.

Hello,

I am writing ASP.NET application. I would like to use forms authenication. I
created Login.aspx page and modified Web.config. Start page is Default.aspx.
The problem is that Login.aspx is not called.

Here is part of my Web.config.

<authentication mode="Forms">

<forms name="MIM-Magazyn" loginUrl="Login.aspx" />

</authentication>

<authorization>

<deny users="?"/>

</authorization>

Please help. I have little experience.
I use .NET 2.0.
/RAM/
 
Ad

Advertisements

J

John Smith

After <system.web> section you should declare which users have access to
whish pages.

Anyone should get to the login page so :

<location path="Login.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>

and no one should get to the default page if not logged in so:

<location path="Default.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

You don't need <authorization> tag in <system.web> section.
 
R

R.A.M.

Thanks. Now I have in my Web.config:

....



<location path="Login.aspx">

<system.web><authorization><allow users="*"/></authorization></system.web>

</location>

<location path="Default.aspx">

<system.web><authorization><deny users="?"/></authorization></system.web>

</location>

</configuration>

The problem is that is receive the following compilation error:

<location> sections are allowed only within <configuration> sections.
(F:\Inetpub\wwwroot\MIM-Magazyn\web.config line 81) . I don't understand
this message because I added <location> within <configuration>.

Could you help me?

/RAM/
 
Ad

Advertisements

R

R.A.M.

U¿ytkownik "Eliyahu Goldin said:
Try to change the name parameter in the <forms ...> tag. Could be the
cookie MIM-Magazyn became persistent on your machine.

Thanks.
It helps, but for one time. After one run of application I must change
<forms name=...> again to a different string. Do you know what's going on?
/RAM/
 
Ad

Advertisements

E

Eliyahu Goldin

By default, the cookie expires after 30 min. If you re-login within 30
minutes, the login form won't pop up. Look at the "timeout" and
"slidingExpiration" attributes of the forms element. They control the
timeout period.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top