I have a site where I have a admin.aspx page.
Once the user has logged into the Admin.aspx page successfully, they will then be redirected to the Report.aspx page. Note that the Report.aspx page cannot be accessed without first successfully logging into Admin.aspx page.
Keep in mind that there are other pages like index.aspx, etc which any user can view without logging in. I just need the authentication for JUST the Report.aspx page.
I have the following code but does not seem to work as it says problem with virtual directory. Am I doing something fundamentally wrong?
<location path="Report.aspx">
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" >
<credentials passwordFormat="Clear">
<user name="John" password="pass@432"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>
First it seems you are not allowing your user John. You also might want to try pulling the authentication section of out of the locaiton specific parts of the config file:
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" defaultUrl="Report.aspx">
<credentials passwordFormat="Clear">
<user name="John" password="pass@432"/>
</credentials>
</forms>
</authentication>
</system.web>
<location path="Report.aspx">
<system.web>
<authorization>
<allow users="John"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
</configuration>
To redirect the user after a successful login, use the DestinationPageUrl property.
<%@ Page Language="C#" autoEventWireup="false" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
void PageLoad(Object sender, EventArgs e)
{
Login1.DestinationPageUrl =
String.Format("terms.aspx?{0}", Request.QueryString.ToString());
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>ASP.NET Example</title>
</head>
<body>
<form id="form1" runat="server">
<asp:Login id="Login1" runat="server"
DestinationPageUrl="terms.aspx">
</asp:Login>
</form>
</body>
</html>
In web.config file:
<location path="Default.aspx">
<system.web>
<authorization>
<allow roles="Administrator, User, AdditionalUser" />
</authorization>
</system.web>
</location>
ASP.NET Forms Auth Allowing access to specific file in subdirectory when all others should be denied
http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我命由我不由天 的文章《How do I configure ASP.net forms authentication to》','https://www.manongdao.com/article-941940.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}