FishCake has just told me that I need to remove this line:
Code:
<allow users="*" />
But I was under the impression that this means ALL users who HAVE signed in can view the pages, and doing:
Code:
<deny users="?" />
Means that to view any page they must me signed in.

I have removed this line from my web.config file and yes, when I go to Main.aspx it redirects the user to the Login page. This works as I expected.
However, when I login I try and redirect the user to the main page, as you can see from my login code, but what actually happens is that it gets redirected BACK to my loginscreen even if you enter the valid username and password.

Am I doing something wrong?

Woof