To start with I a am a newbie and I know I have done this wrong, probably in my webconfig file. These are my settings in the webconfig file:
<forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="xxx" password="xxx"/>
</credentials>
</forms>
</authentication>
<authorization>
<allow users="?"/>
</authorization>
For my login.aspx page, this is the function code for "ProcessLogin" for the OnClick event for the submit button:
Sub ProcessLogin(objSender As Object, objArgs As EventArgs)
If FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text) Then
FormsAuthentication.RedirectFromLoginPage(txtUser.Text, chkPersistLogin.Checked)
Else
ErrorMessage.InnerHtml = "<b>Nåt gick fel...</b> var vänlig och kontollera användarnamn samt lösenord..."
End If
End Sub
For the Default.aspx page, this is the onload function:
Sub Page_Load()
'verify authentication
If User.Identity.IsAuthenticated Then
'display Credential information
displayCredentials.InnerHtml = "Current User : <b>" & User.Identity.Name & "</b>" & _
"<br>"
'<br>Authentication Used : <b>" & User.Identity.AuthenticationType & "</b>"
Else
'Display Error Message
displayCredentials.InnerHtml = "Sorry, you have not been authenticated."
End If
End Sub
and for the same Default.aspx page, this is the funcion code for signing out of that page:
Sub SignOut(objSender As Object, objArgs As EventArgs)
'delete the users auth cookie and sign out
FormsAuthentication.SignOut()
'redirect the user to their referring page
Response.Redirect(Request.UrlReferrer.ToString())
End Sub
This is what is happening and what i want actually.
- The Default.aspx page is vissible for all, but it should only be accesed from the logon page.
- On load the Default.aspx page show the proper error message "Sorry, you have not been authenticated."
- When clicked the signOut button shows the proper error message "Sorry, you have not been authenticated."but does not revert back to the logon page
I have tested different setttings for the "allow users" and "deny users" with both ? and * but nothing gives me the behavior I desire
-Sohail