Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Forms Authentication Problem

Reply
Thread Tools

Forms Authentication Problem

 
 
Bob Hansen
Guest
Posts: n/a
 
      02-03-2004
Hello All,

I am trying to set up forms authentication for an ASP.NET web site. I
programmed quite a bit of stuff with custom IPrincipal and IIdentity objects
and everything only to find out that none of it worked. After fiddling
around with things I decided to try a really basic example. A set some
values in the web.config as follows...

<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

I then created a simple login.aspx page and a default.aspx page with no
implementation. The only thing I wanted to do was see if accessing the
default.aspx page would bring up the login.aspx page as expected. Didnt
work. Not only that, but on further inspection of the
Context.User.Identity.IsAuthenticated property revealed that I am always
authenticated. I cannot unauthenticate myself. Further, the
Context.User.Identity.Name comes up as my login name for windows complete
with network domain!

Is there a configuration option I am missing somewhere? Is there something
in IIS that needs to be set? Please help!!!

Cheers,

Bob Hansen
JASCorp, L.L.C.
www.jasrx.com
www.jascorp.com



 
Reply With Quote
 
 
 
 
Hernan de Lahitte
Guest
Posts: n/a
 
      02-03-2004
You must check in IIS the anonymous access and Integrated Win.Auth. as well.

--
Hernan de Lahitte
Lagash Systems S.A.
http://www.lagash.com



"Bob Hansen" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello All,
>
> I am trying to set up forms authentication for an ASP.NET web site. I
> programmed quite a bit of stuff with custom IPrincipal and IIdentity

objects
> and everything only to find out that none of it worked. After fiddling
> around with things I decided to try a really basic example. A set some
> values in the web.config as follows...
>
> <authentication mode="Forms">
> <forms name=".ASPXAUTH" loginUrl="Login.aspx" />
> </authentication>
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
>
> I then created a simple login.aspx page and a default.aspx page with no
> implementation. The only thing I wanted to do was see if accessing the
> default.aspx page would bring up the login.aspx page as expected. Didnt
> work. Not only that, but on further inspection of the
> Context.User.Identity.IsAuthenticated property revealed that I am always
> authenticated. I cannot unauthenticate myself. Further, the
> Context.User.Identity.Name comes up as my login name for windows complete
> with network domain!
>
> Is there a configuration option I am missing somewhere? Is there

something
> in IIS that needs to be set? Please help!!!
>
> Cheers,
>
> Bob Hansen
> JASCorp, L.L.C.
> www.jasrx.com
> www.jascorp.com
>
>
>



 
Reply With Quote
 
 
 
 
Guest
Posts: n/a
 
      02-03-2004
It sounds like you have Windows Integrated Authentication
enabled.

>-----Original Message-----
>Hello All,
>
>I am trying to set up forms authentication for an

ASP.NET web site. I
>programmed quite a bit of stuff with custom IPrincipal

and IIdentity objects
>and everything only to find out that none of it worked.

After fiddling
>around with things I decided to try a really basic

example. A set some
>values in the web.config as follows...
>
><authentication mode="Forms">
><forms name=".ASPXAUTH" loginUrl="Login.aspx" />
></authentication>
><authorization>
><deny users="?" />
><allow users="*" />
></authorization>
>
>I then created a simple login.aspx page and a

default.aspx page with no
>implementation. The only thing I wanted to do was see

if accessing the
>default.aspx page would bring up the login.aspx page as

expected. Didnt
>work. Not only that, but on further inspection of the
>Context.User.Identity.IsAuthenticated property revealed

that I am always
>authenticated. I cannot unauthenticate myself.

Further, the
>Context.User.Identity.Name comes up as my login name for

windows complete
>with network domain!
>
>Is there a configuration option I am missing somewhere?

Is there something
>in IIS that needs to be set? Please help!!!
>
>Cheers,
>
>Bob Hansen
>JASCorp, L.L.C.
>www.jasrx.com
>www.jascorp.com
>
>
>
>.
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms authentication - Multiple login forms based on directory acc Keltex ASP .Net Security 1 01-24-2006 03:06 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM
Forms Authentication, external authentication server, & rerouting to orig. req. URL Andrew Connell ASP .Net 1 10-21-2003 05:41 PM



Advertisments