Login page problem

mashour · November 18th, 2008, 02:25 PM

Following along with Marco Bellinaso's ASP.NET 2.0 Website Programming, I've reached Chapter 4, where Membership and User Profiling is created for the sample site.

For the authentication, I've used the following web.config commands:

<authentication mode="Forms">
<forms cookieless="AutoDetect" loginUrl="~/AccessDenied.aspx" name="TBHFORMAUTH" />
</authentication>

I have the login box on my master file so all pages have an instance of the login box. The problem is, when a user logs in with invalid credentials, the page they logged in from is refreshed, and no redirect to ~/AccessDenied.aspx happens.

I'm not sure what the problem is here. Anyone have an idea?

Lee Dumond · November 18th, 2008, 03:23 PM

Do you have the Login button set with CommandName="Login" ?

Visit my blog at http://leedumond.com

mashour · November 18th, 2008, 04:06 PM

The Login button does have the CommandName="Login"

Here is the code from Template.master (with HTML formatting removed):

Code:

<asp:LoginView ID="LoginView1" runat="server">
    <AnonymousTemplate>
        <asp:Login ID="Login" runat="server" Width="100%">
            <LayoutTemplate>
                Username:
               <asp:TextBox ID="UserName" runat="server" Width="95%"></asp:TextBox>
               <asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName"
ErrorMessage="User Name is required." ToolTip="User Name is required." SetFocusOnError="true" ValidationGroup="Login" Text="*" />
                Password:
                <asp:TextBox ID="Password" runat="server" TextMode="Password" Width="95%"></asp:TextBox>
                <asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password"
ErrorMessage="Password is required." ToolTip="Password is required."
ValidationGroup="Login" Text="*" />
                <asp:CheckBox ID="RememberMe" runat="server" Text="Remember me" />
                <asp:ImageButton ID="Submit" runat="server" CommandName="Login" ImageUrl="~/images/go.gif"
ValidationGroup="Login" />   
            </LayoutTemplate>
        </asp:Login>
    </AnonymousTemplate>
    <LoggedInTemplate>

    </LoggedInTemplate>
</asp:LoginView>

mashour · November 18th, 2008, 04:07 PM

Also, a successful login works just fine. It's only when I enter invalid credentials do I not get the expected redirect.

Lee Dumond · November 18th, 2008, 04:55 PM

In the <asp:Login> tag, you are missing an important attribute.

<asp:Login ID="Login" runat="server" Width="100%" FailureAction="RedirectToLoginPage">

_________________________________

Visit my blog at http://leedumond.com

mashour · November 18th, 2008, 05:25 PM

Adding the FailureAction="RedirectToLoginPage" fixed the problem. Thanks Lee!