I am wondering if anyone can help me.
I have designed a dynamic website using asp .NET and need to create a login for a secure area to access a database (using MSDE) I have got the thing to work locally (IE On the machine the website is stored) but when I try to test it out over my LAN, I can seem to get access to the secure data. I am a newbie at ASP, but no one on the beginners page seemed to be able to help so I thought I'd try here.
Below is the web.config code:
<configuration>
<appSettings>
</appSettings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name=".ASPXAUTH"
loginUrl="login.aspx"
protection="Validation"
timeout="999999" />
</authentication>
<!--
The <authorization> section enables developers/administrators to configure
whether a user or role has access to a particular page or resource. This is
accomplished by adding "<allow>" and "<deny>" sub-tags beneath the <authorization>
section - specifically detailing the users/roles allowed or denied access.
Note: The "?" character indicates "anonymous" users (ie: non authenticated users).
The "*" character indicates "all" users.
-->
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
And below is the code for login.aspx
<%@ Page Language="
VB" ContentType="text/html" ResponseEncoding="iso-8859-1" %>
<%@ Register TagPrefix="MM" Namespace="DreamweaverCtrls" Assembly="DreamweaverCtrls,version=1.0.0.0,publicK eyToken=836f606ede05d46a,culture=neutral" %>
<%@ Import Namespace="System.Web.Security"%>
<MM:DataSet
id="DataSet1"
runat="Server"
IsStoredProcedure="false"
ConnectionString='<%# System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_STRING_Test") %>'
DatabaseType='<%# System.Configuration.ConfigurationSettings.AppSett ings("MM_CONNECTION_DATABASETYPE_Test") %>'
CommandText='<%# "SELECT * FROM dbo.USERS WHERE userName = @userName and password = @password" %>'
Expression='<%# IsPostBack %>'
Debug="true"
><Parameters>
<Parameter Name="@userName" Value='<%# IIf((Request.Form("txt_user") <> Nothing), Request.Form("txt_user"), "") %>' Type="NVarChar" />
<Parameter Name="@password" Value='<%# IIf((Request.Form("UserPass") <> Nothing), Request.Form("UserPass"), "") %>' Type="NVarChar" />
</Parameters></MM:DataSet>
<MM:PageBind runat="server" PostBackBind="true" />
<Script runat="server">
Sub Page_Load(Src As Object, E As EventArgs)
If Not IsPostBack Then
Validate()
End If
End Sub
</Script>
<html>
<head>
<title>Login page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<%
if DataSet1.recordcount > 0 then
FormsAuthentication.RedirectFromLoginPage(txt_User .Text,true)
else if ((Request.Form("UserPass"))) <> Nothing OR ((Request.Form("txt_user"))) <> Nothing
response.Write("Login failed. Please try again.")
end if
%>
rest of page here
Can anyone offer any suggestions?
Thanks in advance
---
David Thorne, Student
UK