Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net Security (http://www.velocityreviews.com/forums/f62-asp-net-security.html)
-   -   Forms Authentication Problem (http://www.velocityreviews.com/forums/t765730-forms-authentication-problem.html)

Bob Hansen 02-03-2004 06:08 PM

Forms Authentication Problem
 
Hello All,

I am trying to set up forms authentication for an ASP.NET web site. I
programmed quite a bit of stuff with custom IPrincipal and IIdentity objects
and everything only to find out that none of it worked. After fiddling
around with things I decided to try a really basic example. A set some
values in the web.config as follows...

<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

I then created a simple login.aspx page and a default.aspx page with no
implementation. The only thing I wanted to do was see if accessing the
default.aspx page would bring up the login.aspx page as expected. Didnt
work. Not only that, but on further inspection of the
Context.User.Identity.IsAuthenticated property revealed that I am always
authenticated. I cannot unauthenticate myself. Further, the
Context.User.Identity.Name comes up as my login name for windows complete
with network domain!

Is there a configuration option I am missing somewhere? Is there something
in IIS that needs to be set? Please help!!!

Cheers,

Bob Hansen
JASCorp, L.L.C.
www.jasrx.com
www.jascorp.com




Hernan de Lahitte 02-03-2004 06:43 PM

Re: Forms Authentication Problem
 
You must check in IIS the anonymous access and Integrated Win.Auth. as well.

--
Hernan de Lahitte
Lagash Systems S.A.
http://www.lagash.com



"Bob Hansen" <bhansenSPAMISFORWEENIES@jascorp.com> wrote in message
news:ODqJxHo6DHA.1816@TK2MSFTNGP12.phx.gbl...
> Hello All,
>
> I am trying to set up forms authentication for an ASP.NET web site. I
> programmed quite a bit of stuff with custom IPrincipal and IIdentity

objects
> and everything only to find out that none of it worked. After fiddling
> around with things I decided to try a really basic example. A set some
> values in the web.config as follows...
>
> <authentication mode="Forms">
> <forms name=".ASPXAUTH" loginUrl="Login.aspx" />
> </authentication>
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
>
> I then created a simple login.aspx page and a default.aspx page with no
> implementation. The only thing I wanted to do was see if accessing the
> default.aspx page would bring up the login.aspx page as expected. Didnt
> work. Not only that, but on further inspection of the
> Context.User.Identity.IsAuthenticated property revealed that I am always
> authenticated. I cannot unauthenticate myself. Further, the
> Context.User.Identity.Name comes up as my login name for windows complete
> with network domain!
>
> Is there a configuration option I am missing somewhere? Is there

something
> in IIS that needs to be set? Please help!!!
>
> Cheers,
>
> Bob Hansen
> JASCorp, L.L.C.
> www.jasrx.com
> www.jascorp.com
>
>
>




02-03-2004 06:46 PM

Forms Authentication Problem
 
It sounds like you have Windows Integrated Authentication
enabled.

>-----Original Message-----
>Hello All,
>
>I am trying to set up forms authentication for an

ASP.NET web site. I
>programmed quite a bit of stuff with custom IPrincipal

and IIdentity objects
>and everything only to find out that none of it worked.

After fiddling
>around with things I decided to try a really basic

example. A set some
>values in the web.config as follows...
>
><authentication mode="Forms">
><forms name=".ASPXAUTH" loginUrl="Login.aspx" />
></authentication>
><authorization>
><deny users="?" />
><allow users="*" />
></authorization>
>
>I then created a simple login.aspx page and a

default.aspx page with no
>implementation. The only thing I wanted to do was see

if accessing the
>default.aspx page would bring up the login.aspx page as

expected. Didnt
>work. Not only that, but on further inspection of the
>Context.User.Identity.IsAuthenticated property revealed

that I am always
>authenticated. I cannot unauthenticate myself.

Further, the
>Context.User.Identity.Name comes up as my login name for

windows complete
>with network domain!
>
>Is there a configuration option I am missing somewhere?

Is there something
>in IIS that needs to be set? Please help!!!
>
>Cheers,
>
>Bob Hansen
>JASCorp, L.L.C.
>www.jasrx.com
>www.jascorp.com
>
>
>
>.
>



All times are GMT. The time now is 02:26 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.