|
web.config and authentication problem.
Hello there!
I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code <authentication mode="Forms"> <forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30"> <credentials passwordFormat="Clear"> <user name="user1" password="pwd1" /> <user name="user2" password="pwd2" /> <user name="user3" password="pwd3 /> </credentials> </forms> </authentication> <authorization> <allow users="user1,user2" /> <deny users="user2" /> </authorization> Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me. Thanking you. Shail |
RE: web.config and authentication problem.
Dear Shailesh,
you have to give the attribute <deny users="?" /> currently you have denied only user2. that means, you are denying only him. deny users="?" will deny all unauthenticated users. hope it helps. "Shailesh" wrote: > Hello there! > > I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code > > <authentication mode="Forms"> > <forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30"> > <credentials passwordFormat="Clear"> > <user name="user1" password="pwd1" /> > <user name="user2" password="pwd2" /> > <user name="user3" password="pwd3 /> > </credentials> > </forms> > </authentication> > > <authorization> > <allow users="user1,user2" /> > <deny users="user2" /> > </authorization> > > Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me. > > Thanking you. > Shail |
RE: web.config and authentication problem.
Hi, Ranganh,
Its works absolutely fine now. Thanx for your reply. Shail. "ranganh" wrote: > Dear Shailesh, > > you have to give the attribute > > <deny users="?" /> > > currently you have denied only user2. that means, you are denying only him. > > deny users="?" will deny all unauthenticated users. > > hope it helps. > > > > > "Shailesh" wrote: > > > Hello there! > > > > I have developed a .net web application. In this I am having some .aspx files and one web.config file. All the files are in same folder. In my web.config file I set authentication mode as 'Forms'. I also have login.aspx fine in my app. Now when I try to access any page directely (without enter UID/PWD) I am not redirected to login.aspx. Below is my web.config code > > > > <authentication mode="Forms"> > > <forms name="testApp" path="/" loginUrl="login.aspx" protection="All" timeout="30"> > > <credentials passwordFormat="Clear"> > > <user name="user1" password="pwd1" /> > > <user name="user2" password="pwd2" /> > > <user name="user3" password="pwd3 /> > > </credentials> > > </forms> > > </authentication> > > > > <authorization> > > <allow users="user1,user2" /> > > <deny users="user2" /> > > </authorization> > > > > Withour entering my UID/PWD in my login.aspx file I can access any pages, I am not getting how is it happening? Can any body help me. > > > > Thanking you. > > Shail |
| All times are GMT. The time now is 01:58 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.