Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 632
  • Last Modified:

Unable to login using Forms authentication mode

Hi experts,

I've a small website that required admin log in to manage the content. First deployment, the website put into the URL: www.abc.com/test/admin/login.aspx, this work correctly.

Then I create a sub-domain and put my code into, then brow the URL: test.abc.com/admin/login.aspx, same username/password, same database, but unable to login to the administration module.

The web.config content:

<authentication mode="Forms">
      <forms name="form1" loginUrl="admin/login.aspx" protection="All" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseCookies"/>
    </authentication>

Please help me to resolve it.
D.
0
dungla
Asked:
dungla
  • 6
  • 5
1 Solution
 
David H.H.LeeCommented:
Hi dungla,
So what is the error returned? Can you post the detailed errors here?
Lastly, post your application hierarchy here if something is diver from the original domain.
0
 
dunglaAuthor Commented:
There is no error, when I input the correct information (username/password) nothing happen to login form (still there)
0
 
David H.H.LeeCommented:
Quick check, try register -aspnet_regiis -i or copy "aspnet_client" folder under your sub-domain. It could be that JS configurations file problem.
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
dunglaAuthor Commented:
I can't, because permission from hosting server is not allow me to do that. But I will ask them to do that
0
 
David H.H.LeeCommented:
Ok, ask them to grant same settings that perform under your main domain. That should did the trick.
0
 
dunglaAuthor Commented:
Thanks you x_com, I will. Feedback later
0
 
David H.H.LeeCommented:
Ok, no problem dungla.
0
 
dunglaAuthor Commented:
Hi x_com,

Your solution don't work. They said that maybe the problem is the code.

I attached the code as well for your reference.
-- Login.aspx
<form id="form1" runat="server"> 
                <table width="585px" border="0" cellspacing="0" cellpadding="0">
                    <tr>
                        <td style="font:bold 15px/35px tahoma; text-align:center;">ng nh­p</td>
                    </tr>
                    
                    <tr>
                        <td>
                            <div>
                                <asp:Login ID="Login1" runat="server" FailureText="Incorrect information"
                                    PasswordLabelText="Password:" PasswordRequiredErrorMessage="Password cannot be blank."
                                    RememberMeText="Remember" TitleText="" UserNameLabelText="Username:"
                                    UserNameRequiredErrorMessage="Username cannot be blank." OnAuthenticate="Login1_Authenticate" DisplayRememberMe="False" 
                                    LoginButtonText="Login" LoginButtonStyle-CssClass="admin_login_button">
                                </asp:Login>
                            </div>
                        </td>
                    </tr>
                    <tr>
                        <td></td>
                        <td>
                        <asp:Label ID="Label1" runat="server" Text="" ForeColor="red"></asp:Label></td>
                        <td></td>
                    </tr> 
                </table>
            </form>
 
-- Login.aspx.cs
public partial class Admin_Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string text2 = base.Request.QueryString["username"];
        string text3 = base.Request.QueryString["password"];
        if ((Request.QueryString["member"] != null)
            && (text2 != null) && (text3 != null))
        {
            CheckAuthenticateMember();
        }
        else if ((text2 != null) && (text3 != null))
        {
            CheckAuthenticate();
        }
    }
 
    protected void logoff()
    {
        FormsAuthentication.SignOut();
    }
    
    void CheckAuthenticate()
    {
        object[] objs = new object[] { Login1.UserName };
        DataTable dataTable1 = Common.List("SELECT * FROM [Memberships] where actived=1 and Username=? ", objs, "Memmberships");
        if (dataTable1.Rows.Count > 0)
        {
            if(dataTable1.Rows[0]["password"].ToString() != Login1.Password) return;
            
            string strMembershipsID = dataTable1.Rows[0]["MembershipsID"].ToString();
            string name = dataTable1.Rows[0]["Username"].ToString();
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, name, DateTime.Now, DateTime.Now.AddMinutes(60), true, "admin");
            string text2 = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, text2);
            base.Response.Cookies.Add(cookie);
 
            Session["UserID"] = strMembershipsID;
            Session["UserName"] = name.Trim().ToLower();
            //roles: new, product, infomation, membership, uploadfile, contact, ad
            Session["new"] = dataTable1.Rows[0]["new"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["new"]);
            Session["product"] = dataTable1.Rows[0]["product"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["product"]);
            Session["infomation"] = dataTable1.Rows[0]["infomation"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["infomation"]);
            Session["membership"] = dataTable1.Rows[0]["membership"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["membership"]);
            Session["uploadfile"] = dataTable1.Rows[0]["uploadfile"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["uploadfile"]);
            Session["contact"] = dataTable1.Rows[0]["contact"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["contact"]);
            Session["ad"] = dataTable1.Rows[0]["ad"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["ad"]);
            Session["fly"] = dataTable1.Rows[0]["fly"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["fly"]);
            Session["khoahoc"] = dataTable1.Rows[0]["khoahoc"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["khoahoc"]);
            Session["register"] = dataTable1.Rows[0]["register"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["register"]);
            Session["event"] = dataTable1.Rows[0]["event"] == DBNull.Value ? 0 : Convert.ToInt32(dataTable1.Rows[0]["event"]);
            
            string url = FormsAuthentication.GetRedirectUrl(name, true);
            if (url.EndsWith("default.aspx"))
            {
                url = "default.aspx";
            }
            Response.Redirect(url, true);
        }
        else
        {
            if (Request.QueryString["member"] == null)
            {
                Login1.FailureText = "Không úng thông tin ng nh­p. Hãy ng nh­p l¡i.";
            }
        }
 
 
    }
 
    void CheckAuthenticateMember()
    {
        object[] objs = new object[] { Login1.UserName, Login1.Password };
        DataTable dtmChk = Common.List("SELECT usersID,Username FROM [users] where actived=1 and Username=? and password=?", objs, "Memmberships");
        
        DataTable dataTable1 = Common.List("SELECT usersID,Username FROM [users] where actived=1 and Username=? and password=? and (ExpiredDate is not null) and (DATEDIFF(day,getdate(),ExpiredDate )>=0)", objs, "Memmberships");
        if (dtmChk.Rows.Count==1 && dataTable1.Rows.Count==0)
        {
            Login1.FailureText = "Expired";
            return;
        }
                if (dtmChk.Rows.Count == 1 && dataTable1.Rows.Count > 0)
        {
            string strusersID = dataTable1.Rows[0]["usersID"].ToString();
            string name = dataTable1.Rows[0]["Username"].ToString();
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, name, DateTime.Now, DateTime.Now.AddMinutes(60), true, "admin");
            string text2 = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, text2);
            base.Response.Cookies.Add(cookie);
 
            Session["UserID"] = strusersID;
            Session["UserName"] = name.Trim().ToLower();
            
            string url = FormsAuthentication.GetRedirectUrl(name, true);
            if (url.EndsWith("default.aspx"))
            {
                url = "../member/member_record.aspx?MenuSelected=member&UsersID=" + strusersID;
            }
            Response.Redirect(url, true);
        }
    }
    
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        if ((Request.QueryString["member"] != null))
        {
            CheckAuthenticateMember();
        }
        else 
        {
            CheckAuthenticate();
        }
    }
}

Open in new window

0
 
David H.H.LeeCommented:
Hi dungla,
Sorry for the delay reply.
Ok, try check these following steps to resolve this problem:
1. check their .net framework version that used
2. put the existing code intro try/catch block to inspect further errors.
eg:
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
       try{
 
      if ((Request.QueryString["member"] != null))
        {
            CheckAuthenticateMember();
        }
        else
        {
            CheckAuthenticate();
        }

       }catch (Exception e){
           Response.write("error: " + e.ToString());
        }  
    }
3. check any different configurations or permissions settings that not same with main domain?
4. try check if a simple Response.redirect() work in the application.
eg:
protected void Page_Load(object sender, EventArgs e)
  Response.redirect("http://google.com",false);
}
0
 
dunglaAuthor Commented:
Hosting using asp.net 2.0. I'll try your way later when back to my desk
0
 
David H.H.LeeCommented:
Ok, no problem.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now