Forms Authentication help please!
I have implemented forms authentication but when I click my login button it just resets my page like nothing has happened.... Can someone please tell me what I am doing wrong? I am using a url rewrite.... could this have anything to do with my issue?
WEB.CONFIG
Code:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="DBConnectionString" connectionString="Data Source=XXREMOVEDXX;Initial Catalog=XXREMOVEDXX;Persist Security Info=True;User ID=XXREMOVEDXX;Password=XXREMOVEDXX"
providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="Telerik.ScriptManager.TelerikCdn" value="Enabled"/>
<add key="Telerik.StyleSheetManager.TelerikCdn" value="Enabled"/>
</appSettings>
<system.web>
<customErrors mode="Off"/>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/>
<authentication mode="Forms">
<forms loginUrl="login/" name=".ASPXAUTH" protection="All"/>
</authentication>
<authorization>
<allow users="*"/>
</authorization>
<pages>
<controls>
<add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI"/>
</controls>
</pages>
<httpHandlers>
<add path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" validate="false"/>
<add path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" validate="false"/>
<add path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" validate="false"/>
<add path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" validate="false"/>
<add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" validate="false"/>
</httpHandlers>
<httpModules>
<add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule"/>
<add name="RadCompression" type="Telerik.Web.UI.RadCompression"/>
</httpModules>
</system.web>
<location path="members">
<system.web>
<authorization>
<allow roles="MEMBER,ADMIN"/>
<!-- comma separate which users are allowed to view these pages after logging in -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="admin">
<system.web>
<authorization>
<allow roles="ADMIN"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.webServer>
<rewrite>
<rules>
<rule name="Rewrite All" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="article.aspx" />
</rule>
</rules>
</rewrite>
<defaultDocument>
<files>
<clear/>
<add value="default.aspx"/>
<add value="index.html"/>
</files>
</defaultDocument>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<remove name="RadUploadModule"/>
<add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" preCondition="integratedMode"/>
<remove name="RadCompression"/>
<add name="RadCompression" type="Telerik.Web.UI.RadCompression" preCondition="integratedMode"/>
</modules>
<handlers>
<remove name="ChartImage_axd"/>
<add name="ChartImage_axd" path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" preCondition="integratedMode"/>
<remove name="Telerik_Web_UI_SpellCheckHandler_axd"/>
<add name="Telerik_Web_UI_SpellCheckHandler_axd" path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" preCondition="integratedMode"/>
<remove name="Telerik_Web_UI_DialogHandler_aspx"/>
<add name="Telerik_Web_UI_DialogHandler_aspx" path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" preCondition="integratedMode"/>
<remove name="Telerik_RadUploadProgressHandler_ashx"/>
<add name="Telerik_RadUploadProgressHandler_ashx" path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" preCondition="integratedMode"/>
<remove name="Telerik_Web_UI_WebResource_axd"/>
<add name="Telerik_Web_UI_WebResource_axd" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" preCondition="integratedMode"/>
</handlers>
</system.webServer>
</configuration>
DEFAULT.ASPX - location in the /login directory
Code:
<%@ Page Title="" Language="VB" MasterPageFile="~/masterpage.master" AutoEventWireup="false" CodeFile="default.aspx.vb" Inherits="login_default" %>
<asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
<div id="main-sub-container">
<table align="center" cellpadding="2" class="style1">
<tr>
<td colspan="2">
The page or area you are trying to access requires you to be logged in. <br />
Please enter your user name and password to login.
</td>
</tr>
<tr>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td>
User Name:
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server" Width="250px"></asp:TextBox>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" Width="250px"></asp:TextBox>
</td>
</tr>
<tr>
<td>
</td>
<td>
<asp:Button ID="btnLoginAdmin" runat="server" Text="Login" />
</td>
</tr>
<tr>
<td>
</td>
<td>
<asp:Label ID="lblStatus" runat="server" ForeColor="Red"></asp:Label>
</td>
</tr>
</table>
</div>
</asp:Content>
DEFAULT.ASPX.VB
Code:
Imports System.Data.SqlClient
Imports Utils
Partial Class login_default
Inherits System.Web.UI.Page
Protected Sub btnLoginAdmin_Click(sender As Object, e As System.EventArgs) Handles btnLoginAdmin.Click
If txtUserName.Text = "" Then
lblStatus.Text = "Error: User Name is required to login!"
ElseIf txtPassword.Text = "" Then
lblStatus.Text = "Error: Password is required to login!"
Else
Try
Dim connString = ConfigurationManager.ConnectionStrings("DBConnectionString").ToString
Dim sql As String = String.Format("SELECT * FROM Members WHERE MemberEmail='{0}' AND MemberPassword='{1}'", _
SQLSafe(txtUserName.Text), SQLSafe(txtPassword.Text))
Dim conn As SqlConnection = New SqlConnection(connString)
Dim command As SqlCommand = New SqlCommand(sql, conn)
conn.Open()
Dim sqlReader As SqlDataReader = command.ExecuteReader()
If sqlReader.Read = True Then
Response.Redirect("/admin/", True)
Else
lblStatus.Visible = True
lblStatus.Text = "Error: Invalid user name or password."
End If
conn.Close()
Catch ex As Exception
lblStatus.Text = "Error: Unable to connect to the database at this time."
End Try
End If
End Sub
End Class
UTILS.VB
Code:
Imports System
Public Class Utils
Public Shared Function SQLSafe(ByVal SQL As String) As String
SQLSafe = SQL.Replace("'", "''")
End Function
End Class
Re: Forms Authentication help please!
Hello,
Have you stepped through the code in the debugger? Does it take the path that you would expect?
Have you tried taking off the URL rewriting, to see if it works?
Don't try to do too many things at once. Break things into smaller chunks, and make sure that they are working in isolation, before trying it as a whole.
Gary
Re: Forms Authentication help please!
Apparently the issue I am running into is due to me rewriting the url. Any ideas on correcting this issue?
Thanks!
acrow
Re: Forms Authentication help please!
Off the top of my head, unfortunately not. URL Rewriting is not something that I have really played with.
Gary