Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 103
  • Last Modified:

Forms Authentication roles not working

Hi, I have the code below that adds a user to a role after finding them in a database and is supposed to redirect to another page or the default. This does not seem to be happening and I am not sure why. It doesnt show an error but looks like it posts back to itself

FormsAuthentication.RedirectFromLoginPage(TextBox2.Text, False)

            If Not Roles.RoleExists("Admin") Then
                Roles.CreateRole("Admin")
            Else
                If Roles.IsUserInRole("Admin") Then
                    'do nothing
                Else
                    Roles.AddUserToRole(TextBox2.Text, "Admin")
                End If
            End If

Open in new window


My web.config is as follows;

  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Admin"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>

Open in new window


<modules runAllManagedModulesForAllRequests="false">
      <remove name="FormsAuthenticationModule" />
      <add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
      <remove name="UrlAuthorization" />
      <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule"  />
      <remove name="RoleManager" />
      <add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
      <remove name="DefaultAuthentication" />
      <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
    </modules>

Open in new window

0
takwirirar
Asked:
takwirirar
1 Solution
 
Shaun KlineLead Software EngineerCommented:
For the logic you are displaying in the first code block, is the following accurate?

You have a page that allows you to add users to a role (which I'm guessing is lines 3-11).
You are then testing when a user with admin permissions logs in (line 1), they are redirected to the page that requires admin permissions.

When you do this, are you confirming the user was added to the role in your database for your application? What membership provider are you using?
0
 
takwirirarAuthor Commented:
Shaun, I ended up creating a subdomain for admins and hosting it separately in IIS i.e. users.x.com and admin.x.com. Thanks
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now