Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > VB Login page problem?

Reply
Thread Tools

VB Login page problem?

 
 
Dam6
Guest
Posts: n/a
 
      06-24-2005
Okay...
Using vb .net within DW MX2004, connecting to an access database:

Background: I have created a simple login.aspx page that is supposed to
re-direct to default.aspx using FormsAuthentication.RedirectFromLoginPage.
The data is correct from testing the dataset etc and the page also informs
me that I have entered an incorrect user / password.

Problem:
When I go to http://localhost/Modify/Login.aspx and enter the username and
password the url returns
http://localhost/Modify/login.aspx?R...2fdefault.aspx and
does not take me to any other page???

Code:
WEB.CONFIG:

<system.web>
<customErrors mode="Off" />
<authentication mode = "Forms">
<forms name = " .SECAUTH " loginUrl="login.aspx">
<credentials />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>





LOGIN PAGE:

<%@ Page Language="VB" ContentType="text/html" ResponseEncoding="iso-8859-1"
%>
<%@ Register TagPrefix="MM" Namespace="DreamweaverCtrls"
Assembly="DreamweaverCtrls,version=1.0.0.0,publicK eyToken=836f606ede05d46a,culture=neutral"
%>
<MMataSet
id="dsLogin"
runat="Server"
IsStoredProcedure="false"
ConnectionString='<%#
System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_STRING_connITNoticeboardASP")
%>'
DatabaseType='<%#
System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_DATABASETYPE_connITNoticeboard ASP")
%>'
CommandText='<%# "SELECT EmployeeID, LastLogin, User_name, Pass_wrd FROM
tbl_users WHERE User_name = ? AND Pass_wrd = ?" %>'
Debug="true"
><Parameters>

<Parameter Name="@User_name" Value='<%# IIf((Request.Form("tfUsername")
<> Nothing), Request.Form("tfUsername"), "") %>' Type="WChar" />
<Parameter Name="@Pass_wrd" Value='<%# IIf((Request.Form("tfPasswrd") <>
Nothing), Request.Form("tfPasswrd"), "") %>' Type="WChar" />
</Parameters></MMataSet>
<MMageBind runat="server" PostBackBind="true" />
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Login Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
..style1 {
font-size: 18px;
font-weight: bold;
}
-->
</style>
</head>
<body>
<p align="center" class="style1">Login Page</p>
<p>&nbsp;</p>
<table width="300" border="0" align="center" cellpadding="0"
cellspacing="0">
<tr>
<td><form runat="server">
<table width="300" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="98">Username:</td>
<td width="202"><asp:TextBox ID="tfUsername" runat="server"
/></td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox ID="tfPasswrd" runat="server" TextMode="Password"
/></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><asp:Button ID="Button" Text="Login" runat="server" /></td>
</tr>
</table>
</form></td>
<%
if dsLogin.RecordCount > 0 then
Session("sessUsername") = Request.Form("tfUsername")
FormsAuthentication.RedirectFromLoginPage("tfUsern ame.value", true )
else if ((Request.Form("tfUsername"))) <> Nothing OR
((Request.Form("tfPassword"))) <> Nothing
response.Write("Login Failed. Please Try Again.")
end if
%>


</tr>
</table>
<table width="300" border="0" align="center" cellpadding="0"
cellspacing="0">
<tr>
<td><p align="center"><a href="http://www.yahoo.com"
target="_parent">www.yahoo.com</a></p>
<p align="center"><a href="../search_it.aspx" target="_parent">Start
Page</a> </p></td>
</tr>
</table>
<p>&nbsp; </p>
</body>
</html>


 
Reply With Quote
 
 
 
 
Dave F.
Guest
Posts: n/a
 
      06-26-2005
Hi

You should never use your login page as your entry url.
http://localhost/Modify/Default.aspx. The forms authentication will redirect
the user to Login.aspx. Then once the user is authenicated they will be
returned to Default.aspx once you issue the
"FormsAuthentication.RedirectFromLoginPage(txtUser Name.Text, false)"
request.
Hope this helps.

Dave

"Dam6" <(E-Mail Removed)8.net> wrote in message
news:(E-Mail Removed)...
> Okay...
> Using vb .net within DW MX2004, connecting to an access database:
>
> Background: I have created a simple login.aspx page that is supposed to
> re-direct to default.aspx using FormsAuthentication.RedirectFromLoginPage.
> The data is correct from testing the dataset etc and the page also informs
> me that I have entered an incorrect user / password.
>
> Problem:
> When I go to http://localhost/Modify/Login.aspx and enter the username and
> password the url returns
> http://localhost/Modify/login.aspx?R...2fdefault.aspx and
> does not take me to any other page???
>
> Code:
> WEB.CONFIG:
>
> <system.web>
> <customErrors mode="Off" />
> <authentication mode = "Forms">
> <forms name = " .SECAUTH " loginUrl="login.aspx">
> <credentials />
> </forms>
> </authentication>
> <authorization>
> <deny users="?" />
> </authorization>
> </system.web>
>
>
>
>
>
> LOGIN PAGE:
>
> <%@ Page Language="VB" ContentType="text/html"
> ResponseEncoding="iso-8859-1" %>
> <%@ Register TagPrefix="MM" Namespace="DreamweaverCtrls"
> Assembly="DreamweaverCtrls,version=1.0.0.0,publicK eyToken=836f606ede05d46a,culture=neutral"
> %>
> <MMataSet
> id="dsLogin"
> runat="Server"
> IsStoredProcedure="false"
> ConnectionString='<%#
> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_STRING_connITNoticeboardASP")
> %>'
> DatabaseType='<%#
> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_DATABASETYPE_connITNoticeboard ASP")
> %>'
> CommandText='<%# "SELECT EmployeeID, LastLogin, User_name, Pass_wrd FROM
> tbl_users WHERE User_name = ? AND Pass_wrd = ?" %>'
> Debug="true"
>><Parameters>

> <Parameter Name="@User_name" Value='<%# IIf((Request.Form("tfUsername")
> <> Nothing), Request.Form("tfUsername"), "") %>' Type="WChar" />
> <Parameter Name="@Pass_wrd" Value='<%# IIf((Request.Form("tfPasswrd")
> <> Nothing), Request.Form("tfPasswrd"), "") %>' Type="WChar" />
> </Parameters></MMataSet>
> <MMageBind runat="server" PostBackBind="true" />
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
> "http://www.w3.org/TR/html4/loose.dtd">
> <html>
> <head>
> <title>Login Page</title>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> <style type="text/css">
> <!--
> .style1 {
> font-size: 18px;
> font-weight: bold;
> }
> -->
> </style>
> </head>
> <body>
> <p align="center" class="style1">Login Page</p>
> <p>&nbsp;</p>
> <table width="300" border="0" align="center" cellpadding="0"
> cellspacing="0">
> <tr>
> <td><form runat="server">
> <table width="300" border="0" cellspacing="0" cellpadding="0">
> <tr>
> <td width="98">Username:</td>
> <td width="202"><asp:TextBox ID="tfUsername" runat="server"
> /></td>
> </tr>
> <tr>
> <td>Password:</td>
> <td><asp:TextBox ID="tfPasswrd" runat="server"
> TextMode="Password" /></td>
> </tr>
> <tr>
> <td>&nbsp;</td>
> <td><asp:Button ID="Button" Text="Login" runat="server" /></td>
> </tr>
> </table>
> </form></td>
> <%
> if dsLogin.RecordCount > 0 then
> Session("sessUsername") = Request.Form("tfUsername")
> FormsAuthentication.RedirectFromLoginPage("tfUsern ame.value", true )
> else if ((Request.Form("tfUsername"))) <> Nothing OR
> ((Request.Form("tfPassword"))) <> Nothing
> response.Write("Login Failed. Please Try Again.")
> end if
> %>
>
>
> </tr>
> </table>
> <table width="300" border="0" align="center" cellpadding="0"
> cellspacing="0">
> <tr>
> <td><p align="center"><a href="http://www.yahoo.com"
> target="_parent">www.yahoo.com</a></p>
> <p align="center"><a href="../search_it.aspx" target="_parent">Start
> Page</a> </p></td>
> </tr>
> </table>
> <p>&nbsp; </p>
> </body>
> </html>
>
>



 
Reply With Quote
 
 
 
 
Dam6
Guest
Posts: n/a
 
      06-26-2005
I did think of that... But the default.aspx page is inside the directory
that has been locked by the config file? Will look at what you've said
(Which makes sense!) and try differing things...


"Dave F." <(E-Mail Removed)> wrote in message
news:%23yXF%(E-Mail Removed)...
> Hi
>
> You should never use your login page as your entry url.
> http://localhost/Modify/Default.aspx. The forms authentication will
> redirect the user to Login.aspx. Then once the user is authenicated they
> will be returned to Default.aspx once you issue the
> "FormsAuthentication.RedirectFromLoginPage(txtUser Name.Text, false)"
> request.
> Hope this helps.
>
> Dave
>
> "Dam6" <(E-Mail Removed)8.net> wrote in message
> news:(E-Mail Removed)...
>> Okay...
>> Using vb .net within DW MX2004, connecting to an access database:
>>
>> Background: I have created a simple login.aspx page that is supposed to
>> re-direct to default.aspx using
>> FormsAuthentication.RedirectFromLoginPage. The data is correct from
>> testing the dataset etc and the page also informs me that I have entered
>> an incorrect user / password.
>>
>> Problem:
>> When I go to http://localhost/Modify/Login.aspx and enter the username
>> and password the url returns
>> http://localhost/Modify/login.aspx?R...2fdefault.aspx and
>> does not take me to any other page???
>>
>> Code:
>> WEB.CONFIG:
>>
>> <system.web>
>> <customErrors mode="Off" />
>> <authentication mode = "Forms">
>> <forms name = " .SECAUTH " loginUrl="login.aspx">
>> <credentials />
>> </forms>
>> </authentication>
>> <authorization>
>> <deny users="?" />
>> </authorization>
>> </system.web>
>>
>>
>>
>>
>>
>> LOGIN PAGE:
>>
>> <%@ Page Language="VB" ContentType="text/html"
>> ResponseEncoding="iso-8859-1" %>
>> <%@ Register TagPrefix="MM" Namespace="DreamweaverCtrls"
>> Assembly="DreamweaverCtrls,version=1.0.0.0,publicK eyToken=836f606ede05d46a,culture=neutral"
>> %>
>> <MMataSet
>> id="dsLogin"
>> runat="Server"
>> IsStoredProcedure="false"
>> ConnectionString='<%#
>> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_STRING_connITNoticeboardASP")
>> %>'
>> DatabaseType='<%#
>> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_DATABASETYPE_connITNoticeboard ASP")
>> %>'
>> CommandText='<%# "SELECT EmployeeID, LastLogin, User_name, Pass_wrd FROM
>> tbl_users WHERE User_name = ? AND Pass_wrd = ?" %>'
>> Debug="true"
>>><Parameters>

>> <Parameter Name="@User_name" Value='<%#
>> IIf((Request.Form("tfUsername") <> Nothing), Request.Form("tfUsername"),
>> "") %>' Type="WChar" />
>> <Parameter Name="@Pass_wrd" Value='<%# IIf((Request.Form("tfPasswrd")
>> <> Nothing), Request.Form("tfPasswrd"), "") %>' Type="WChar" />
>> </Parameters></MMataSet>
>> <MMageBind runat="server" PostBackBind="true" />
>> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>> "http://www.w3.org/TR/html4/loose.dtd">
>> <html>
>> <head>
>> <title>Login Page</title>
>> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
>> <style type="text/css">
>> <!--
>> .style1 {
>> font-size: 18px;
>> font-weight: bold;
>> }
>> -->
>> </style>
>> </head>
>> <body>
>> <p align="center" class="style1">Login Page</p>
>> <p>&nbsp;</p>
>> <table width="300" border="0" align="center" cellpadding="0"
>> cellspacing="0">
>> <tr>
>> <td><form runat="server">
>> <table width="300" border="0" cellspacing="0" cellpadding="0">
>> <tr>
>> <td width="98">Username:</td>
>> <td width="202"><asp:TextBox ID="tfUsername" runat="server"
>> /></td>
>> </tr>
>> <tr>
>> <td>Password:</td>
>> <td><asp:TextBox ID="tfPasswrd" runat="server"
>> TextMode="Password" /></td>
>> </tr>
>> <tr>
>> <td>&nbsp;</td>
>> <td><asp:Button ID="Button" Text="Login" runat="server" /></td>
>> </tr>
>> </table>
>> </form></td>
>> <%
>> if dsLogin.RecordCount > 0 then
>> Session("sessUsername") = Request.Form("tfUsername")
>> FormsAuthentication.RedirectFromLoginPage("tfUsern ame.value", true )
>> else if ((Request.Form("tfUsername"))) <> Nothing OR
>> ((Request.Form("tfPassword"))) <> Nothing
>> response.Write("Login Failed. Please Try Again.")
>> end if
>> %>
>>
>>
>> </tr>
>> </table>
>> <table width="300" border="0" align="center" cellpadding="0"
>> cellspacing="0">
>> <tr>
>> <td><p align="center"><a href="http://www.yahoo.com"
>> target="_parent">www.yahoo.com</a></p>
>> <p align="center"><a href="../search_it.aspx" target="_parent">Start
>> Page</a> </p></td>
>> </tr>
>> </table>
>> <p>&nbsp; </p>
>> </body>
>> </html>
>>
>>

>
>



 
Reply With Quote
 
Dam6
Guest
Posts: n/a
 
      06-27-2005
Dave,

Today I opened the default.aspx page that resides outside of the folder
where login.aspx resides. Created a link to login.aspx and the index.aspx
page etc.
Clicking on either brings forth the login page. Once I enter the user/pass
and press enter nothing happens apart from the top url changing

http://localhost/Modify/login.aspx?R...2fdefault.aspx

still no re-direction.


"Dave F." <(E-Mail Removed)> wrote in message
news:%23yXF%(E-Mail Removed)...
> Hi
>
> You should never use your login page as your entry url.
> http://localhost/Modify/Default.aspx. The forms authentication will
> redirect the user to Login.aspx. Then once the user is authenicated they
> will be returned to Default.aspx once you issue the
> "FormsAuthentication.RedirectFromLoginPage(txtUser Name.Text, false)"
> request.
> Hope this helps.
>
> Dave
>
> "Dam6" <(E-Mail Removed)8.net> wrote in message
> news:(E-Mail Removed)...
>> Okay...
>> Using vb .net within DW MX2004, connecting to an access database:
>>
>> Background: I have created a simple login.aspx page that is supposed to
>> re-direct to default.aspx using
>> FormsAuthentication.RedirectFromLoginPage. The data is correct from
>> testing the dataset etc and the page also informs me that I have entered
>> an incorrect user / password.
>>
>> Problem:
>> When I go to http://localhost/Modify/Login.aspx and enter the username
>> and password the url returns
>> http://localhost/Modify/login.aspx?R...2fdefault.aspx and
>> does not take me to any other page???
>>
>> Code:
>> WEB.CONFIG:
>>
>> <system.web>
>> <customErrors mode="Off" />
>> <authentication mode = "Forms">
>> <forms name = " .SECAUTH " loginUrl="login.aspx">
>> <credentials />
>> </forms>
>> </authentication>
>> <authorization>
>> <deny users="?" />
>> </authorization>
>> </system.web>
>>
>>
>>
>>
>>
>> LOGIN PAGE:
>>
>> <%@ Page Language="VB" ContentType="text/html"
>> ResponseEncoding="iso-8859-1" %>
>> <%@ Register TagPrefix="MM" Namespace="DreamweaverCtrls"
>> Assembly="DreamweaverCtrls,version=1.0.0.0,publicK eyToken=836f606ede05d46a,culture=neutral"
>> %>
>> <MMataSet
>> id="dsLogin"
>> runat="Server"
>> IsStoredProcedure="false"
>> ConnectionString='<%#
>> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_STRING_connITNoticeboardASP")
>> %>'
>> DatabaseType='<%#
>> System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_DATABASETYPE_connITNoticeboard ASP")
>> %>'
>> CommandText='<%# "SELECT EmployeeID, LastLogin, User_name, Pass_wrd FROM
>> tbl_users WHERE User_name = ? AND Pass_wrd = ?" %>'
>> Debug="true"
>>><Parameters>

>> <Parameter Name="@User_name" Value='<%#
>> IIf((Request.Form("tfUsername") <> Nothing), Request.Form("tfUsername"),
>> "") %>' Type="WChar" />
>> <Parameter Name="@Pass_wrd" Value='<%# IIf((Request.Form("tfPasswrd")
>> <> Nothing), Request.Form("tfPasswrd"), "") %>' Type="WChar" />
>> </Parameters></MMataSet>
>> <MMageBind runat="server" PostBackBind="true" />
>> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>> "http://www.w3.org/TR/html4/loose.dtd">
>> <html>
>> <head>
>> <title>Login Page</title>
>> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
>> <style type="text/css">
>> <!--
>> .style1 {
>> font-size: 18px;
>> font-weight: bold;
>> }
>> -->
>> </style>
>> </head>
>> <body>
>> <p align="center" class="style1">Login Page</p>
>> <p>&nbsp;</p>
>> <table width="300" border="0" align="center" cellpadding="0"
>> cellspacing="0">
>> <tr>
>> <td><form runat="server">
>> <table width="300" border="0" cellspacing="0" cellpadding="0">
>> <tr>
>> <td width="98">Username:</td>
>> <td width="202"><asp:TextBox ID="tfUsername" runat="server"
>> /></td>
>> </tr>
>> <tr>
>> <td>Password:</td>
>> <td><asp:TextBox ID="tfPasswrd" runat="server"
>> TextMode="Password" /></td>
>> </tr>
>> <tr>
>> <td>&nbsp;</td>
>> <td><asp:Button ID="Button" Text="Login" runat="server" /></td>
>> </tr>
>> </table>
>> </form></td>
>> <%
>> if dsLogin.RecordCount > 0 then
>> Session("sessUsername") = Request.Form("tfUsername")
>> FormsAuthentication.RedirectFromLoginPage("tfUsern ame.value", true )
>> else if ((Request.Form("tfUsername"))) <> Nothing OR
>> ((Request.Form("tfPassword"))) <> Nothing
>> response.Write("Login Failed. Please Try Again.")
>> end if
>> %>
>>
>>
>> </tr>
>> </table>
>> <table width="300" border="0" align="center" cellpadding="0"
>> cellspacing="0">
>> <tr>
>> <td><p align="center"><a href="http://www.yahoo.com"
>> target="_parent">www.yahoo.com</a></p>
>> <p align="center"><a href="../search_it.aspx" target="_parent">Start
>> Page</a> </p></td>
>> </tr>
>> </table>
>> <p>&nbsp; </p>
>> </body>
>> </html>
>>
>>

>
>



 
Reply With Quote
 
Dam6
Guest
Posts: n/a
 
      06-30-2005



Found what was wrong from the books appended mistakes page while looking on
the web:

forms name = " SECAUTH " loginUrl="login.aspx">
not
forms name = " .SECAUTH " loginUrl="login.aspx">

take out the full stop and it all works.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
login page stays on login page Shannon ASP .Net 2 01-09-2008 10:51 PM
Specify login page other than Login.aspx vikramp ASP .Net 2 10-20-2006 08:59 PM
asp:login w/ ASP.NET 2.0 -- still can't get basic login page to work Sasquatch ASP .Net 2 10-04-2006 04:04 PM
Can't create simple login page using asp:login control Sasquatch ASP .Net 2 10-03-2006 09:22 PM
Forms Login Page Not Login Out Hermit Dave ASP .Net 5 01-13-2004 07:14 AM



Advertisments