Forms Authentication help please!

**acrow** · Aug 10th, 2012, 01:58 AM

I have implemented forms authentication but when I click my login button it just resets my page like nothing has happened.... Can someone please tell me what I am doing wrong? I am using a url rewrite.... could this have anything to do with my issue?

WEB.CONFIG

Code:

<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <add name="DBConnectionString" connectionString="Data Source=XXREMOVEDXX;Initial Catalog=XXREMOVEDXX;Persist Security Info=True;User ID=XXREMOVEDXX;Password=XXREMOVEDXX"
      providerName="System.Data.SqlClient" />
  </connectionStrings>
  <appSettings>
    <add key="Telerik.ScriptManager.TelerikCdn" value="Enabled"/>
    <add key="Telerik.StyleSheetManager.TelerikCdn" value="Enabled"/>
  </appSettings>
  <system.web>
    <customErrors mode="Off"/>
    <compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/>
    <authentication mode="Forms">
      <forms loginUrl="login/" name=".ASPXAUTH" protection="All"/>
    </authentication>
    <authorization>
      <allow users="*"/>
    </authorization>
    <pages>
      <controls>
        <add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI"/>
      </controls>
    </pages>
    <httpHandlers>
      <add path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" validate="false"/>
      <add path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" validate="false"/>
    </httpHandlers>
    <httpModules>
      <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule"/>
      <add name="RadCompression" type="Telerik.Web.UI.RadCompression"/>
    </httpModules>
  </system.web>
  <location path="members">
    <system.web>
      <authorization>
        <allow roles="MEMBER,ADMIN"/>
        <!-- comma separate which users are allowed to view these pages after logging in -->
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="admin">
    <system.web>
      <authorization>
        <allow roles="ADMIN"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
  <system.webServer>
  	<rewrite>
     <rules>
      <rule name="Rewrite All" stopProcessing="true">
            <match url="^(.*)$" />
            <conditions logicalGrouping="MatchAll">
                <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
            </conditions>
            <action type="Rewrite" url="article.aspx" />
      </rule>
     </rules>
    </rewrite>
    <defaultDocument>
      <files>
        <clear/>
        <add value="default.aspx"/>
        <add value="index.html"/>
      </files>
    </defaultDocument>
    <validation validateIntegratedModeConfiguration="false"/>
    <modules runAllManagedModulesForAllRequests="true">
      <remove name="RadUploadModule"/>
      <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" preCondition="integratedMode"/>
      <remove name="RadCompression"/>
      <add name="RadCompression" type="Telerik.Web.UI.RadCompression" preCondition="integratedMode"/>
    </modules>
    <handlers>
      <remove name="ChartImage_axd"/>
      <add name="ChartImage_axd" path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" preCondition="integratedMode"/>
      <remove name="Telerik_Web_UI_SpellCheckHandler_axd"/>
      <add name="Telerik_Web_UI_SpellCheckHandler_axd" path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" preCondition="integratedMode"/>
      <remove name="Telerik_Web_UI_DialogHandler_aspx"/>
      <add name="Telerik_Web_UI_DialogHandler_aspx" path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" preCondition="integratedMode"/>
      <remove name="Telerik_RadUploadProgressHandler_ashx"/>
      <add name="Telerik_RadUploadProgressHandler_ashx" path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" preCondition="integratedMode"/>
      <remove name="Telerik_Web_UI_WebResource_axd"/>
      <add name="Telerik_Web_UI_WebResource_axd" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" preCondition="integratedMode"/>
    </handlers>
  </system.webServer>
</configuration>

DEFAULT.ASPX - location in the /login directory

Code:

<%@ Page Title="" Language="VB" MasterPageFile="~/masterpage.master" AutoEventWireup="false" CodeFile="default.aspx.vb" Inherits="login_default" %>

<asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
    <div id="main-sub-container">
        <table align="center" cellpadding="2" class="style1">
            <tr>
                <td colspan="2">
                    The page or area you are trying to access requires you to be logged in. <br />
                    Please enter your user name and password to login.
                </td>
            </tr>
            <tr>
                <td>
                    &nbsp;
                </td>
                <td>
                    &nbsp;
                </td>
            </tr>
            <tr>
                <td>
                    User Name:
                </td>
                <td>
                    <asp:TextBox ID="txtUserName" runat="server" Width="250px"></asp:TextBox>
                </td>
            </tr>
            <tr>
                <td>
                    Password:
                </td>
                <td>
                    <asp:TextBox ID="txtPassword" runat="server" TextMode="Password" Width="250px"></asp:TextBox>
                </td>
            </tr>
            <tr>
                <td>
                    &nbsp;
                </td>
                <td>
                    <asp:Button ID="btnLoginAdmin" runat="server" Text="Login" />
                </td>
            </tr>
            <tr>
                <td>
                    &nbsp;
                </td>
                <td>
                    <asp:Label ID="lblStatus" runat="server" ForeColor="Red"></asp:Label>
                </td>
            </tr>
        </table>
    </div>
</asp:Content>

DEFAULT.ASPX.VB

Code:

Imports System.Data.SqlClient
Imports Utils
Partial Class login_default
    Inherits System.Web.UI.Page

    Protected Sub btnLoginAdmin_Click(sender As Object, e As System.EventArgs) Handles btnLoginAdmin.Click
        If txtUserName.Text = "" Then
            lblStatus.Text = "Error: User Name is required to login!"
        ElseIf txtPassword.Text = "" Then
            lblStatus.Text = "Error: Password is required to login!"
        Else

            Try
                Dim connString = ConfigurationManager.ConnectionStrings("DBConnectionString").ToString
                Dim sql As String = String.Format("SELECT * FROM Members WHERE MemberEmail='{0}' AND MemberPassword='{1}'", _
                                          SQLSafe(txtUserName.Text), SQLSafe(txtPassword.Text))
                Dim conn As SqlConnection = New SqlConnection(connString)
                Dim command As SqlCommand = New SqlCommand(sql, conn)
                conn.Open()
                Dim sqlReader As SqlDataReader = command.ExecuteReader()

                If sqlReader.Read = True Then

                    Response.Redirect("/admin/", True)
                       
                Else
                    lblStatus.Visible = True
                    lblStatus.Text = "Error: Invalid user name or password."
                End If

                conn.Close()
            Catch ex As Exception

                lblStatus.Text = "Error: Unable to connect to the database at this time."

            End Try

        End If
    End Sub

End Class

UTILS.VB

Code:

Imports System
Public Class Utils

    Public Shared Function SQLSafe(ByVal SQL As String) As String
        SQLSafe = SQL.Replace("'", "''")
    End Function

End Class

**gep13** · Aug 10th, 2012, 07:10 AM

Hello,

Have you stepped through the code in the debugger? Does it take the path that you would expect?

Have you tried taking off the URL rewriting, to see if it works?

Don't try to do too many things at once. Break things into smaller chunks, and make sure that they are working in isolation, before trying it as a whole.

Gary

**acrow** · Aug 11th, 2012, 07:36 PM

Apparently the issue I am running into is due to me rewriting the url. Any ideas on correcting this issue?

Thanks!

acrow

**gep13** · Aug 12th, 2012, 08:47 AM

Off the top of my head, unfortunately not. URL Rewriting is not something that I have really played with.

Gary

Thread: Forms Authentication help please!

Thread Tools

Display

Forms Authentication help please!

Re: Forms Authentication help please!

Re: Forms Authentication help please!

Re: Forms Authentication help please!

Posting Permissions