T
Tim Zych
I want to use Forms Authentication for my site. I have built a very basic
database driven site by creating all the aspx files in Notepad, not in
VS.Net. I am doing this because the Wrox book I have does it this way. I
kind of like this because it allows me to see exactly what's going on.
So far everything is coming along nicely. I even deployed this to my ISP and
the site works great, although it has no authentication.
Now for the authentication part. When I try to use one of the "canned" forms
authentication step-throughs (Asp.Net Kick Start, a DotNetBips article which
shows the basic principles), they all use VS.Net. When I use VS.Net, the
authentication seems to work OK. But when I transfer the steps to my
non-VS.Net-created app, the authentication doesn't work. (more details
below).
So I am wondering, does VS.Net do stuff behind the scenes that is blocking
me from doing it w/o VS.Net?
My understanding is that the key to this is the RedirectFromLoginPage
method, which is supposed to direct me to the first-requested file once the
username and password are confirmed.
What's happening is that I'm not getting redirected. The login page simply
refreshes after I enter the correct username/password.
Here is what I am using:
1) Create a web.config file in the root directory with the following:
<configuration>
<system.web>
<authentication mode="Forms" />
</system.web>
</configuration>
2) Create a folder called "Secret Files" and in it add a WebForm called
Secret.aspx and another Web.Config file.
The web.config file contains:
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
and the Secret.aspx file has a label indicating success if we are redirected
to that page.
3) Add a page called Login.aspx that contains a 2 textboxes (txtUsername and
txtPassword) and a button.
The button_click event has the following code:
Private Sub Button1_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles Button1.Click
If txtUsername.Text = "tim" And txtPassword.Text = "password" Then
System.Web.Security.FormsAuthentication. _
RedirectFromLoginPage(txtPassword.Text, False)
Else
Label1.Text = "Invalid Username/Password"
End If
End Sub
So when I do all of this, and when I try to navigate to Secret.aspx, I DO
get directed to the Login page, but after correctly entering the username
and password, the Login page simply refreshes, and does NOT redirect me to
the Secret.aspx file.
Why? What must I do to get redirected to the first-requested file?
Thanks.
database driven site by creating all the aspx files in Notepad, not in
VS.Net. I am doing this because the Wrox book I have does it this way. I
kind of like this because it allows me to see exactly what's going on.
So far everything is coming along nicely. I even deployed this to my ISP and
the site works great, although it has no authentication.
Now for the authentication part. When I try to use one of the "canned" forms
authentication step-throughs (Asp.Net Kick Start, a DotNetBips article which
shows the basic principles), they all use VS.Net. When I use VS.Net, the
authentication seems to work OK. But when I transfer the steps to my
non-VS.Net-created app, the authentication doesn't work. (more details
below).
So I am wondering, does VS.Net do stuff behind the scenes that is blocking
me from doing it w/o VS.Net?
My understanding is that the key to this is the RedirectFromLoginPage
method, which is supposed to direct me to the first-requested file once the
username and password are confirmed.
What's happening is that I'm not getting redirected. The login page simply
refreshes after I enter the correct username/password.
Here is what I am using:
1) Create a web.config file in the root directory with the following:
<configuration>
<system.web>
<authentication mode="Forms" />
</system.web>
</configuration>
2) Create a folder called "Secret Files" and in it add a WebForm called
Secret.aspx and another Web.Config file.
The web.config file contains:
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
and the Secret.aspx file has a label indicating success if we are redirected
to that page.
3) Add a page called Login.aspx that contains a 2 textboxes (txtUsername and
txtPassword) and a button.
The button_click event has the following code:
Private Sub Button1_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles Button1.Click
If txtUsername.Text = "tim" And txtPassword.Text = "password" Then
System.Web.Security.FormsAuthentication. _
RedirectFromLoginPage(txtPassword.Text, False)
Else
Label1.Text = "Invalid Username/Password"
End If
End Sub
So when I do all of this, and when I try to navigate to Secret.aspx, I DO
get directed to the Login page, but after correctly entering the username
and password, the Login page simply refreshes, and does NOT redirect me to
the Secret.aspx file.
Why? What must I do to get redirected to the first-requested file?
Thanks.