Forms authentication page not called

R.A.M. · Oct 9, 2007

Hello,

I am writing ASP.NET application. I would like to use forms authenication. I
created Login.aspx page and modified Web.config. Start page is Default.aspx.
The problem is that Login.aspx is not called.

Here is part of my Web.config.

<authentication mode="Forms">

<forms name="MIM-Magazyn" loginUrl="Login.aspx" />

</authentication>

<authorization>

<deny users="?"/>

</authorization>

Please help. I have little experience.
I use .NET 2.0.
/RAM/

John Smith · Oct 9, 2007

After <system.web> section you should declare which users have access to
whish pages.

Anyone should get to the login page so :

<location path="Login.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>

and no one should get to the default page if not logged in so:

<location path="Default.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

You don't need <authorization> tag in <system.web> section.

R.A.M. · Oct 9, 2007

Thanks. Now I have in my Web.config:

....

<location path="Login.aspx">

<system.web><authorization><allow users="*"/></authorization></system.web>

</location>

<location path="Default.aspx">

<system.web><authorization><deny users="?"/></authorization></system.web>

</location>

</configuration>

The problem is that is receive the following compilation error:

<location> sections are allowed only within <configuration> sections.
(F:\Inetpub\wwwroot\MIM-Magazyn\web.config line 81) . I don't understand
this message because I added <location> within <configuration>.

Could you help me?

/RAM/

Eliyahu Goldin · Oct 9, 2007

I replied earlier but somehow my reply got lost:

Defining locations is not necessary. The original code should work.

Is Login.aspx never called or sometimes it is?

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net

R.A.M. · Oct 9, 2007

U¿ytkownik "Eliyahu Goldin said:
Is Login.aspx never called or sometimes it is?

Never.
Please help.
/RAM/

Eliyahu Goldin · Oct 9, 2007

Try to change the name parameter in the <forms ...> tag. Could be the cookie
MIM-Magazyn became persistent on your machine.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net

R.A.M. · Oct 11, 2007

U¿ytkownik "Eliyahu Goldin said:
Try to change the name parameter in the <forms ...> tag. Could be the
cookie MIM-Magazyn became persistent on your machine.

Thanks.
It helps, but for one time. After one run of application I must change
<forms name=...> again to a different string. Do you know what's going on?
/RAM/

Eliyahu Goldin · Oct 11, 2007

By default, the cookie expires after 30 min. If you re-login within 30
minutes, the login form won't pop up. Look at the "timeout" and
"slidingExpiration" attributes of the forms element. They control the
timeout period.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net

Login page won't redirect to a Register (new account) page	3	Nov 1, 2009
Forms Authentication not Redirecting	1	Oct 19, 2007
Restrict access to Classic ASP pages in web.config	2	Jul 17, 2008
Authorization & Theme	1	Jun 5, 2006
Printing from IE fails due to Froms authentication - Microsoft Bug?	3	Mar 26, 2009
ASP.NET login authentication	4	Sep 24, 2004
Forms Authentication - how to read timeout?	1	Jan 29, 2009
Forms Authentication	4	Dec 10, 2007

Forms authentication page not called

R.A.M.

John Smith

R.A.M.

Eliyahu Goldin

R.A.M.

Eliyahu Goldin

R.A.M.

Eliyahu Goldin

Ask a Question

Similar Threads