Using pretty much all of the default authentication in visual studio. Have the App_Data database (ASPNETDB.MDF) set up. Per web.config, all pages are available to anonymous access except for one page, which is designated to require login via the <location>
tag. Using the Login control to log in. When browsing to the page that requires login, no problem, login page comes up first. Enter valid user name and password. Code below. The validate works but the redirect does not, just redirects me to the Logon.aspx
page again.
Should not the FormsAuthentication.SetAuthCookie call authenticate the user and put a validation cookie in the response stream? "ReturnUrl" is correct. I've also tried the FormsAuthentication.RedirectFromLoginPage with the same result.
Tried this as well. Only difference is I don't have a defaultUrl property set in my <authentication> tag of the web.config. However, I don't want to go to the default.aspx (or any other particular page). I believe that I have set this up in the web config
to allow anonymous access to any page on the site EXCEPT the page of which I need the user to login to see. Users can get to the anonymous pages no problem. To force the login screen to come up for the particular page in question, if the user is not authenticated
yet, I've put a <location> tag in the web .config. This is working correctly - if not authenticated yet the login page comes up first. The problem is that once I try to set the authentication cookie and redirect to the page that the user actually wanted,
they are directed again to the login page. In the authentication event of the login control, i've checked the User object to see if the Identity.IsAuthenticated property is set, and it is not, which leads me to believe that authentication is not taking place.
jgelinas33
Member
1 Points
5 Posts
After Membership.ValidateUser then what?!
Jan 07, 2013 07:43 PM|LINK
Using pretty much all of the default authentication in visual studio. Have the App_Data database (ASPNETDB.MDF) set up. Per web.config, all pages are available to anonymous access except for one page, which is designated to require login via the <location> tag. Using the Login control to log in. When browsing to the page that requires login, no problem, login page comes up first. Enter valid user name and password. Code below. The validate works but the redirect does not, just redirects me to the Logon.aspx page again.
Should not the FormsAuthentication.SetAuthCookie call authenticate the user and put a validation cookie in the response stream? "ReturnUrl" is correct. I've also tried the FormsAuthentication.RedirectFromLoginPage with the same result.
protected void LoginUser_Authenticate(object sender, AuthenticateEventArgs e) { if (Membership.ValidateUser(LoginUser.UserName, LoginUser.Password)) { FormsAuthentication.SetAuthCookie(LoginUser.UserName, true); Response.Redirect(Request["ReturnUrl"], true); } }web.config is as follows:
<?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/?LinkId=169433 --> <configuration> <connectionStrings> <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/> </connectionStrings> <system.web> <compilation debug="true" targetFramework="4.0"/> <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" ticketCompatibilityMode="Framework40" name="BLOGTEST" /> </authentication> <authorization> <allow users="*"/> </authorization> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/> </providers> </roleManager> </system.web> <system.webServer> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> <location path="BlogEntry.aspx"> <system.web> <authorization> <deny users="*"/> </authorization> </system.web> </location> </configuration>BrockAllen
All-Star
27512 Points
4895 Posts
MVP
Re: After Membership.ValidateUser then what?!
Jan 07, 2013 08:32 PM|LINK
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
Sujeet Saste
Contributor
3008 Points
572 Posts
Re: After Membership.ValidateUser then what?!
Jan 08, 2013 03:33 AM|LINK
Use following:
if(Membership.ValidateUser(UserName, Password)) { FormsAuthentication.SetAuthCookie(UserName, true); Response.Redirect(Request["ReturnURL"]); }Also try by using following in web.config
Do FEAR (Face Everything And Rise)
Please mark as Answer if my post helps you..!
My Blog
jgelinas33
Member
1 Points
5 Posts
Re: After Membership.ValidateUser then what?!
Jan 08, 2013 02:21 PM|LINK
Tried this. Still redirected to login page.
jgelinas33
Member
1 Points
5 Posts
Re: After Membership.ValidateUser then what?!
Jan 08, 2013 02:30 PM|LINK
Tried this as well. Only difference is I don't have a defaultUrl property set in my <authentication> tag of the web.config. However, I don't want to go to the default.aspx (or any other particular page). I believe that I have set this up in the web config to allow anonymous access to any page on the site EXCEPT the page of which I need the user to login to see. Users can get to the anonymous pages no problem. To force the login screen to come up for the particular page in question, if the user is not authenticated yet, I've put a <location> tag in the web .config. This is working correctly - if not authenticated yet the login page comes up first. The problem is that once I try to set the authentication cookie and redirect to the page that the user actually wanted, they are directed again to the login page. In the authentication event of the login control, i've checked the User object to see if the Identity.IsAuthenticated property is set, and it is not, which leads me to believe that authentication is not taking place.
Sujeet Saste
Contributor
3008 Points
572 Posts
Re: After Membership.ValidateUser then what?!
Jan 08, 2013 03:55 PM|LINK
Hi, If you are trying to redirect to BlogEntry.aspx then it will redirect you to login page because in web config you have used :
Means you are denying the access to authenticated users.
Do FEAR (Face Everything And Rise)
Please mark as Answer if my post helps you..!
My Blog
jgelinas33
Member
1 Points
5 Posts
Re: After Membership.ValidateUser then what?!
Jan 08, 2013 04:35 PM|LINK