login
-
Hi there, As Matthias pointed out that you may need to set up the Forms Authentication in your ASP.NET application to protect the restricted pages, the user will be directed to the login page when he tries to access those resources. And the originally requested url is added to the query string, once the user is authenticated, you can get that url in the query string with the key
ReturnURL.i did this in login.aspx..but cant seems to direct me to the requested page.. am i doing it right?
if (status == 0) { string url = Request.QueryString["ReturnUrl"]; FormsAuthentication.RedirectFromLoginPage(txtUserID.Value.Trim(), true); Response.Redirect(url); } else { lbl.Text = "Invalid UserID or Password!"; }:confused: -
i did this in login.aspx..but cant seems to direct me to the requested page.. am i doing it right?
if (status == 0) { string url = Request.QueryString["ReturnUrl"]; FormsAuthentication.RedirectFromLoginPage(txtUserID.Value.Trim(), true); Response.Redirect(url); } else { lbl.Text = "Invalid UserID or Password!"; }:confused:You can use either the RedirectFromLoginPage method or the Redirect method to direct thr authenticated user to the originally requested page. Also, if you set up the Forms Authentication mode properly, then you will see the requested url added to the query string when the user is directed to the login page. http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetHT03.asp[^] http://www.codeproject.com/aspnet/formsroleauth.asp[^]
-
You can use either the RedirectFromLoginPage method or the Redirect method to direct thr authenticated user to the originally requested page. Also, if you set up the Forms Authentication mode properly, then you will see the requested url added to the query string when the user is directed to the login page. http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetHT03.asp[^] http://www.codeproject.com/aspnet/formsroleauth.asp[^]
i did my web.config as shown but still cant get it to work.. 1)
<configuration> <system.web> <compilation defaultLanguage="c#" debug="true"/> <authentication mode="Forms"> <forms name="LoginForm" loginUrl="login.aspx" protection="All" timeout="60" slidingExpiration="true" path="/" /> </authentication> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate" validation="SHA1"/> </system.web> <location path="Temp"> <system.web> <authorization> <allow roles="Admin" /> <deny users="*" /> </authorization> </system.web> </location> </configuration>2) do i need to create application name in Application Settings under the directory tab for the folder (Temp) where i place my order.aspx and customerinfo.aspx in IIS properties? 3)do i need to place the login page into the Temp folder too? -
i did my web.config as shown but still cant get it to work.. 1)
<configuration> <system.web> <compilation defaultLanguage="c#" debug="true"/> <authentication mode="Forms"> <forms name="LoginForm" loginUrl="login.aspx" protection="All" timeout="60" slidingExpiration="true" path="/" /> </authentication> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate" validation="SHA1"/> </system.web> <location path="Temp"> <system.web> <authorization> <allow roles="Admin" /> <deny users="*" /> </authorization> </system.web> </location> </configuration>2) do i need to create application name in Application Settings under the directory tab for the folder (Temp) where i place my order.aspx and customerinfo.aspx in IIS properties? 3)do i need to place the login page into the Temp folder too?1. What do you mean by cannot get it to work? You cannot get the requedted URL or the authenticated user is always redirected to the login page? If so, can you run it in debug mode to see if you can get the url. 2. You don't need to create an Application for the temp folder, otherwise this folder is considered as a new application. 3. No, the login page should be accessible to all users.
-
1. What do you mean by cannot get it to work? You cannot get the requedted URL or the authenticated user is always redirected to the login page? If so, can you run it in debug mode to see if you can get the url. 2. You don't need to create an Application for the temp folder, otherwise this folder is considered as a new application. 3. No, the login page should be accessible to all users.
oh it keeps redirecting me to login page..im able to get the requested URL
-
oh it keeps redirecting me to login page..im able to get the requested URL
-
Do you have any code to set the role of the user? If no, you now can take a look at Heath's article to see how to do that because at the moment all the users are not allowed to access the Temp folder except those belong to the Admin group(role).
hey THANKS!!!!!!!!!!!!!!!! with your help im able to do it..anw i found another website which oso explain about it. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod18.asp
-
Do you have any code to set the role of the user? If no, you now can take a look at Heath's article to see how to do that because at the moment all the users are not allowed to access the Temp folder except those belong to the Admin group(role).
hey sorry im back!!:-D yea i've got this problem. remember about the login n the web config thingy, i just test my program n this time the web browser says im not autorized to view tt page.. im not sure why but yester it was working..i didnt touch anything. the error was http 403 .. however if i click onto the back button till the index page and click the link to customerinfo.aspx, im able to go link to it..
-
hey sorry im back!!:-D yea i've got this problem. remember about the login n the web config thingy, i just test my program n this time the web browser says im not autorized to view tt page.. im not sure why but yester it was working..i didnt touch anything. the error was http 403 .. however if i click onto the back button till the index page and click the link to customerinfo.aspx, im able to go link to it..
-
Hi there, Can you post the full error message as there are a number of different http 403.x errors? Can you also take look at the ASP.NET Trace[^] to see if it can help?
Very sorry for the late reply, have been away. ok here is the error: You might not have permission to view this directory or page using the credentials you supplied. HTTP Error 403 - Forbidden :~ Chris