Trouble with forms authentication

I am trying to password protect a subdirectory using forms authentication. I
am using the "Location" tag to specify the directory to be protected. The
login.aspx page is in the root directory of the app. Here is the web.config:
<location path="Admin">
<system.web>
<authentication mode="Forms">
<forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="Admin" password="pass"/>
<user name="Ashlyinn" password="pass"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
The problem is event if I put in the proper valid credentials authorization
fails.
Any suggestions?
Thanks, Justin.Hey Justin,
When u mean authorization do u mean th user can login but he is not
getting the appropriate resources?
That means is he authenticated?
"Justin" wrote:

> I am trying to password protect a subdirectory using forms authentication.
I
> am using the "Location" tag to specify the directory to be protected. The
> login.aspx page is in the root directory of the app. Here is the web.confi
g:
> <location path="Admin">
> <system.web>
> <authentication mode="Forms">
> <forms name="authAdmin" loginUrl="Login.aspx" protection="All" timeout="
30">
> <credentials passwordFormat="Clear">
> <user name="Admin" password="pass"/>
> <user name="Ashlyinn" password="pass"/>
> </credentials>
> </forms>
> </authentication>
> <authorization>
> <deny users="?"/>
> </authorization>
> </system.web>
> </location>
> The problem is event if I put in the proper valid credentials authorizatio
n
> fails.
> Any suggestions?
> Thanks, Justin.
No, the user is not authenticated at all, meaning it goes to the else
statement in the code below no matter what:
private void Login_Click(object sender, System.EventArgs e)
{
if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
{
FormsAuthentication.RedirectFromLoginPage(Email.Text, false);
}
else
{
lblStatus.Text = "Authentication Failed.";
}
}
"Patrick.O.Ige" wrote:
> Hey Justin,
> When u mean authorization do u mean th user can login but he is no
t
> getting the appropriate resources?
> That means is he authenticated?
>
> "Justin" wrote:
>
Ok Justin so No authentication at al!!
Are u sure u have all the right settings?
First check to see whether u have Anonymous Auth checked in IIS.
Got to ur WebServer and right click on ur Virtual Directory of ur
Application >Go to Properties >Directory security TAB> On the Anonymouse
Access and Auth control
click EDIT and make sure u check Anonymous access!
Also make sure u have :- <identity impersonate="true" /> placed in ur
web.config
Try all that!
Let me know if it works for u..if not post ur Question.
"Justin" wrote:
> No, the user is not authenticated at all, meaning it goes to the else
> statement in the code below no matter what:
> private void Login_Click(object sender, System.EventArgs e)
> {
> if (FormsAuthentication.Authenticate(Email.Text, Password.Text))
> {
> FormsAuthentication.RedirectFromLoginPage(Email.Text, false);
> }
> else
> {
> lblStatus.Text = "Authentication Failed.";
> }
> }
>
> "Patrick.O.Ige" wrote:
>
Well, unfortunetly it still does not work. I am sure its something simle but
sometimes simple problems are hard to fix.
Thanks for the help.
Justin.
"Patrick.O.Ige" wrote:
> Ok Justin so No authentication at al!!
> Are u sure u have all the right settings?
> First check to see whether u have Anonymous Auth checked in IIS.
> Got to ur WebServer and right click on ur Virtual Directory of ur
> Application >Go to Properties >Directory security TAB> On the Anonymouse
> Access and Auth control
> click EDIT and make sure u check Anonymous access!
> Also make sure u have :- <identity impersonate="true" /> placed in ur
> web.config
> Try all that!
> Let me know if it works for u..if not post ur Question.
>
> "Justin" wrote:
>
Just try looking through ur code carefully ok!
Justin try looking through:-Forms Authentication here:-
http://samples.gotdotnet.com/quickstart/aspplus/
or
http://support.microsoft.com/defaul...r />
0&SD=MSDN
or
http://www.costudio.com/form_auth.asp
"Justin" wrote:
> Well, unfortunetly it still does not work. I am sure its something simle b
ut
> sometimes simple problems are hard to fix.
> Thanks for the help.
> Justin.
> "Patrick.O.Ige" wrote:
>
This link shoud help for sure:-
http://www.15seconds.com/issue/020220.htm
And by the way in ur Web.Config why don't u do:-
<configuration>
<system.web>
<customErrors mode="Off"/>
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="login.aspx"
protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="jeff" password="test" />
<user name="mike" password="test" />
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
And then if u want to perform Auhtorization use the location PATH and specif
y
whch users can see access contents of a particular FOLDER!
GDLUCK
"Patrick.O.Ige" wrote:
> Just try looking through ur code carefully ok!
> Justin try looking through:-Forms Authentication here:-
> http://samples.gotdotnet.com/quickstart/aspplus/
> or
> http://support.microsoft.com/defaul.../>
240&SD=MSDN
> or
> http://www.costudio.com/form_auth.asp
>
>
> "Justin" wrote:
>
Ok, I am getting closer to getting this to work the only problem is that
after loging in it redirects to default.aspx in the root directory instead o
f
admin/default.aspx.
How do I manualy set redirect url?
"Patrick.O.Ige" wrote:
> This link shoud help for sure:-
> http://www.15seconds.com/issue/020220.htm
> And by the way in ur Web.Config why don't u do:-
> <configuration>
> <system.web>
> <customErrors mode="Off"/>
> <authentication mode="Forms">
> <forms name="appNameAuth" path="/" loginUrl="login.aspx"
> protection="All" timeout="30">
> <credentials passwordFormat="Clear">
> <user name="jeff" password="test" />
> <user name="mike" password="test" />
> </credentials>
> </forms>
> </authentication>
> <authorization>
> <deny users="?" />
> </authorization>
> </system.web>
> </configuration>
> And then if u want to perform Auhtorization use the location PATH and spec
ify
> whch users can see access contents of a particular FOLDER!
> GDLUCK
>
>
> "Patrick.O.Ige" wrote:
>