Home
ASP.NET Forums » General ASP.NET » Security » Forms Authentication Mode causes endless loop

Forms Authentication Mode causes endless loop

Last post 08-08-2007 8:58 AM by dmitri_vaganov. 2 replies.

Sort Posts:

  • Forms Authentication Mode causes endless loop

    08-06-2007, 2:52 PM
    ASP.NET 2003 project has a default form so that users must go through our login page before they access any other part of our site.  This works fine in VS.NET 2003 with Framework version 1.1.  In VS.NET 2005 with framework 2, I get stuck in an endless loop.  I use forms authentication in the web.config file for the project with the following under the <system.web> section.      <system.web>            <authentication mode="Forms">                  <forms name=".DATASERVAUTH" loginUrl="Login.aspx" protection="Validation" timeout="2000"/>            </authentication>            <authorization>                  <deny users="?"/>             </authorization>      </system.web>

  • Re: Forms Authentication Mode causes endless loop

    08-08-2007, 6:42 AM

    Hi

    I think it will help if you allow the anonymous user to access the pages (Login.aspx) in root path but restrict them access the pages in subfolder.

    For example

    <location path ="ManageSys">

        <system.web>

          <authorization>

             <allow users="Admin"/>

             <deny users="*"/>

         </authorization>

      </system.web>

    </location>

      <system.web>
         <authorization>

             <allow users="*"/>

        </authorization> 
      </system.web>

    </configuration>


     

    Best Regards
    XiaoYong Dai
    Microsoft Online Community Support

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • Re: Forms Authentication Mode causes endless loop

    08-08-2007, 8:58 AM
    Thanks for response. The problem was in the IFRAME. When calling Login.aspx it was creating IFRAME with a page called balnk.htm which did not exist in the project. It was trying to display an error page but authentication was bringing it back to Login.aspx which was trying to display the error again and thus an endless loop.
Page 1 of 1 (3 items)
RSS Available

Contact | Advertise | Issue Management by Axosoft's OnTime | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.