stackoom
  简体   繁体   中英

IIS7 & forms authentication

 原文  2012-02-14 14:31:07       asp.net/ iis/ forms-authentication

Question

I've been struggling with this all day. I am trying to add forms authentication to my asp.net web site.

I have disabled Anonymous, Windows, ASP.NET Impersonation and enabled Forms Authentication.

I have created a Login.aspx page and have a Default.aspx page. Default.aspx is the default document.

I have added to web.config: 

<authentication mode="Forms"/>

This is the behaviour I am experiencing:

1) When testing with http:\\localhost\\ I get a 401.2 error on the application root.

2) When testing with http:\\localhost\\Default.aspx I get a 401.2 error on Login.aspx, so redirection is happening but the Login.aspx is giving the error.

So it seems I have no access to any pages on the website even Default.aspx & Login.aspx.

But I canot find a solution, I have even tried: 

  <location path="Default.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

  <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

But this doesn't seem to change anything.

I have also tried 

<authentication mode="Forms">
  <forms loginUrl="Login.aspx" />
</authentication>

But this doesn't do anything different either.

Also if I revert to Anonymous or Windows Authentication then the default document redirection works.

I am using asp.net 3.5 on IIS7 on Vista Business.

Please help!

2 answers

solution1
 2 ACCPTED  2012-02-14 14:59:23

disabling windows authentication, anonymous user etc on your application in IIS will change the settings about the website identity, not the user membership settings!

If you want to enable authentication on your website for your users you can even leave the anonymous user and windows authentication enabled, so IIS will accept all the request coming to the webserver. You can then use form authentication (implemented with the SignIn method in the login page) to grant your visitors access to only certain parts of the website using the asp.net membership. Have a look at this article about Forms authentication and this one about authorization issues on IIS.

solution2
 0  2014-01-13 05:13:03

Allow anonymous access to folder in IIS and code the below mentioned statements in web.config : 

<authorization>
  <deny users="?" />
</authorization>

After adding these statements, you would be redirected to login page whenever you try to navigate to authenticated page,without authentication.

At login page, you will need to generate an authentication ticket after successful login only, to navigate through authenticated pages.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Forms Authentication Between IIS6 and IIS7 Servers Asp.net forms authentication cookie not honoring timeout with IIS7 Site-level forms authentication w/IIS7 IIS7 IUSR account permissions not working with forms authentication and file upload Windows Authentication IIS7 windows authentication in iis7 IIS7 Mixed Mode Authentication iis7 integrated mode asp.net 4.0 forms authentication problem using IE8 Share forms authentication cookie between parent and child application IIS7 .Net 4.0 Windows Server 2008, IIS7 and Windows Authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM