Solved

Cannot get Forms authentication to work.

Posted on 2006-10-25
3
319 Views
Last Modified: 2008-01-09
I'm using ASP.NET 2.0 and have opted to not use the membership and roles provider as the application will only have 2-3 users that actually need to look in.  So I'm trying to use the old FormAuthenticate method and am having trouble.  Here's what I have (the key details):

Login.aspx: (in the root directory)

    <form id="form1" runat="server">
    <div>
        <br />
        <asp:TextBox ID="txtUserName" runat="server"></asp:TextBox><br />
        <asp:TextBox ID="txtPassword" runat="server" TextMode="Password"></asp:TextBox>
        <asp:Button ID="btnAuthenticate" runat="server" OnClick="btnAuthenticate_Click" Text="Button" />
    </div>
    </form>

Login.aspx.cs:

    protected void btnAuthenticate_Click(object sender, EventArgs e)
    {
        if ( FormsAuthentication.Authenticate( txtUserName.Text, txtPassword.Text ))
        {
             FormsAuthentication.RedirectFromLoginPage( txtUserName.Text, false);
        }
        else
            Response.Write( "You are not allowed to view that page with he credentials you've supplied." );
    }

Web.config (root):  

  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" name="DHWebAuth" timeout="15">
        <credentials>
          <user name="admin" password="admin123" />
        </credentials>
      </forms>  
    </authentication>

    <sessionState mode="Off" />
    <compilation debug="true"/>

    <customErrors mode="Off" defaultRedirect="~/CatchAllErrorPage.aspx">
        <error statusCode="404" redirect="~/FileNotFound.aspx" />
    </customErrors>
  </system.web>  

Web.config (Admin directory, the admin directory is contained in the root directory):

<?xml version="1.0"?>

<configuration>
    <system.web>
      <authorization>
        <allow users="admin" />
        <deny users="*" />
      </authorization>
    </system.web>
</configuration>  


Every time I try to access a web page in the admin directory, it sends me to Login.aspx, which is good.  When I type in the credentials, the else statement always executes.  I've debugged and stepped through and Forms.Authenticate( txtUserName.Text, txtPassword.Text ) always returns false.  

Can anyone assist?  Thanks in advance!      
0
Comment
Question by:LA_Code_Poet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 12

Accepted Solution

by:
sandip132 earned 400 total points
ID: 17809151
REmove your authentication and authorization Tags from Web.Config and add the followwing....

<authentication mode="Forms">
            <forms name="DHWebAuth" path="/" loginUrl="Login.aspx" protection="All" timeout="15">
                <credentials passwordFormat="Clear">
                   <user name="admin" password="admin123" />
                </credentials>
            </forms>
        </authentication>

        <authorization>
            <deny users="?" />
          <allow users="admin" />
        </authorization>

Regards,
Sandip.
0
 
LVL 12

Assisted Solution

by:deanvanrooyen
deanvanrooyen earned 100 total points
ID: 17809159
try something like so

<configuration>
    <system.web>
        <customErrors mode="Off"/>
        <authentication mode="Forms">
            <forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30">
                <credentials passwordFormat="Clear">
                    <user name="jeff" password="test" />
                    <user name="mike" password="test" />
                </credentials>
            </forms>
        </authentication>
        <authorization>
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>
0
 

Author Comment

by:LA_Code_Poet
ID: 17809313
The thing that makes it work is passwordFormat.  That's the only thing I changed and now it works perfectly.

I looked it up after I got the fix and discoved the default is SHA1, which was what was causing the problem.  I'll have to look using that mode up in MD5 when I get some free time .

Thanks.  
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
In this Article, I will provide a few tips in problem and solution manner. Opening an ASPX page in Visual studio 2003 is very slow. To make it fast, please do follow below steps:   Open the Solution/Project. Right click the ASPX file to b…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question