Solved

aspx Login not working in Internet Explorer

Posted on 2010-11-10
6
781 Views
Last Modified: 2012-05-10
I have a side that I created in Visual Studio 2010. It has a login that protects a particular folder. I am using a CustomMembershipProvider (using SQL) for the login. In Chrome and FF, it works fine. In IE, it is stuck on the login page.

I also tried putting the code directly into the login form in the Authenticate code, and that doesn't work either.

Here is my web.config:

      <location path="Admin">
            <system.web>
      <customErrors mode="Off" />
                  <authorization>
                        <deny users="?"/>
                        <allow users="*"/>
                  </authorization>
            </system.web>
      </location>
      <system.web>
            <compilation debug="true">
                  <assemblies>
                        <add assembly="System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
                        <add assembly="System.Web.Extensions.Design, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                        <add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                        <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                        <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
                        <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
                        <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/></assemblies></compilation>
            <authentication mode="Forms">
                  <forms name="vasWebAuthCookie" timeout="5" loginUrl="Login.aspx" defaultUrl="Admin/default.aspx" path="Admin" protection="All"/>
            </authentication>
            <membership defaultProvider="AspNetCustomMembershipProvider">
                  <providers>
                        <clear/>
                        <add name="AspNetCustomMembershipProvider" type="CustomMembershipProviderLib.CustomMembershipProvider"/>
                  </providers>
            </membership>

..... (there's a lot more....)

In the code that's written directly into the login page, it gets to the response.redirect, and looks like it processes, and does nothing.

Please help! I am desperate!


protected void LoginUser_Authenticate(object sender, AuthenticateEventArgs e)

    {

        string sConn = System.Web.Configuration.WebConfigurationManager.ConnectionStrings["vaswebcomConnectionString1"].ToString();

        SqlConnection conn = new SqlConnection(sConn);

        conn.Open();



        TextBox tUser =(TextBox) this.LoginUser.FindControl("UserName");

        TextBox tPassword = (TextBox) this.LoginUser.FindControl("Password");



        SqlCommand cmd = new SqlCommand("SELECT * FROM tblAdmin WHERE sUserID = '" + tUser.Text.ToString() +

            "' AND sPassword = '" + tPassword.Text.ToString() + "'", conn);



        SqlDataReader dr = cmd.ExecuteReader();

        if (dr.Read())

            e.Authenticated = true;

        else

            e.Authenticated = false;





        conn.Close();

        string sRedirect = Request.QueryString["ReturnURL"].ToString();

        Response.Redirect("Default.aspx", false);

    }

Open in new window

0
Comment
Question by:VeeVan
  • 4
6 Comments
 
LVL 1

Author Comment

by:VeeVan
Comment Utility
Well, it appears I lied. The code ONLY works in Chrome. Not in FF. and definitely NOT in IE.
Help!
0
 
LVL 51

Expert Comment

by:HainKurt
Comment Utility
"it is stuck on the login page": any error code? whats happening?
0
 
LVL 1

Accepted Solution

by:
VeeVan earned 0 total points
Comment Utility
Ugh. OK. I figured it out. I removed the Path attribute from the web.config forms tag and it's now saving the cookie the way it's supposed to. Sheesh.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 52

Expert Comment

by:Carl Tawn
Comment Utility
You could try replacing these two lines:

        string sRedirect = Request.QueryString["ReturnURL"].ToString();
        Response.Redirect("Default.aspx", false)

With:

        FormsAuthentication.RedirectFromLogin();

The RedirectFromLogin makes a call to SetAuthCookie() internally, the fact that you are not setting it before redirecting may be your issue.
0
 
LVL 1

Author Comment

by:VeeVan
Comment Utility
Sorry guys. I hate it when I post a question and then answer it right away myself, but this has been plaguing me all morning.
I appreciate the help.
0
 
LVL 1

Author Closing Comment

by:VeeVan
Comment Utility
I figured it out. The path in forms is the path to the COOKIE, not the path to the directory. (Duh.) once i removed that, it worked fine without my juryrigged code.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Introduction Hi all and welcome to my first article on Experts Exchange. A while ago, someone asked me if i could do some tutorials on object oriented programming. I decided to do them on C#. Now you may ask me, why's that? Well, one of the re…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now