Hi All,

I am trying to setup a Login Page and I am having troubles. Everytime I input my Username and Password, the page redirection should go to my Default.aspx page... but it doesn't. It just reloads the Login Page. However, when I type an incorrect username and password, the intended message actually returns what I want, "Login Failed. Please try again".

This is what I did:
1.) I created the dataset for the Login Page asking it to check with the database (MSAccess)
2.) After the </form> tag I entered the following code:

<%
if dsLogin.RecordCount > 0 then
Session("sessUsername") = Request.Form("tfUsername")
FormsAuthentication.RedirectFromLoginPage("tfUsern ame.value", true)
else if ((Request.Form("tfUsername"))) <> Nothing _
OR ((Request.Form("tfPassword"))) <> Nothing
response.Write("Login Failed. Please Try Again.")
end if
%>

3.) I created a Default.aspx page to say "Thank You. Please click the button below to continue"
4.) I then added the following code to my web.config file:
    <system.web>
    <customErrors mode="Off" />
    <authentication mode="Forms">
    <forms name = "SECAUTH" loginUrl="Login.aspx">
    <credentials />
    </forms>
    </authentication>
    <authorization>
    <deny users="?" />
    </authorization>
    </system.web>

... in between the </appSettings> and </configuration> sections

5.) I created the application in IIS

So, it should work right? Nope. I type in my username and password, and it reloads the original Login Page. It should be accessing the next page that I called Default.aspx which returns a simple Thank You......

Can someone help me?

Thx,
Jim

Hey,

Can you actually go to the default.aspx page after you login successfully? In addition, how do you validate the users?

And lastly, this may be your issue, you need a:

<allow users="*"/>

after the <deny>. This allows authenticated users to access the web site.

Brian

Hi,

Thanks for replying. No I can't even view any other file. When I open any file (other pages that I created), it opens the Login Page. As you mentioned, I added <allow users="*"/> after the <deny> in web.config.

When I type in the Login and Password, the new page (which is the login page AGAIN), shows the following in the address bar:

http://localhost/LeanSigma-ASP/Login...2fdefault.aspx

So, its trying to get to the Default Page, but it just doesn't load. The Login Page just keeps showing. No other page is viewable.

Any thoughts?
Jim

In the default page, are you manually redirecting to the login page? What does your default page look like?

Brian

Hi Brian,

Thanks for your help. I placed <allow users="*"/> before the <deny users="?" /> and it worked. I had it the other way around.

Thanks a bunch.

The webconfig file now reads
        <system.web>
    <customErrors mode="Off" />
    <authentication mode="Forms">
    <forms name = "SECAUTH" loginUrl="Login.aspx">
    <credentials />
    </forms>
    </authentication>
    <authorization>
    <allow users="*"/>
    <deny users="?" />
    </authorization>
    </system.web>

Thanks again..
Jim

i think that the order should be
    <deny users="?" />
        <allow users="*" />

Ahmed Ali
Software Developer

Hi, I have the same problem but only in IE. The site works in Firefox.

After clicking on the login button, the page redirects to itself.
But if I type default.aspx after the above, I can access the site.

Any help is appreciated.

Thanks

... can I just ask Sullivan; how does the password being validated in this code..?

Med vennlig hilsen
grstad