In my web application i want to redirect to login page, which is in the same folder[admin folder], when i type like
"xxx.com/admin" it is redirect to login.aspx page which is in admin folder.
for this i place one index.html page and write meta tag code, even though it is not redirect to loginpage. it is going to index.aspx page. shall i have to remove this index.aspx page, i have default page also there in admin folder. can u help me.
If you are using IIS 7.5 take a look at the UrlRewrite 2 Module http://www.iis.net/download/urlrewrite
If you are using IIS 6 you can use the asp.net 2 url rewriting technique, but the xxx.com/admin/default.aspx needs to be physically existing to allow redirects to happen
Add this to your Web.config:
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".ASPXFORMSAUTH" />
</authentication>
This will redirect users to your loginUrl if they try to access a protected page when they are not authenticated.
You should probably read up on Forms Authentication in asp.net to get all of the dirty details.
Here is an explanation of how you can add additional default documents to IIS. Default documents are used to try and determine which page a user should be directed to when they don't specify a specific page (your xxx.com/admin example)
Related
The way I have it now, Default.aspx is empty and has a code behind to Default.aspx.cs, which either redirects them to Login.aspx or Home.aspx depending on if the request is authenticated or not.
Default.aspx is just out there doing nothing. It just seems like there ought to be a more elegant approach to this.
Any ideas would be great!
In my opinion, the most elegant way to do this is to make use of web.config. You can specify, the login page here that the unauthenticated user will automatically be redirected to:
<authentication mode="Forms">
<forms loginUrl="~/Login/LogOn.aspx" />
</authentication>
<authorization>
<deny users="?"/>
</authorization>
Apart from this, you can also specify which users are granted access to pages in current folder through the authorization tag.
This should be a configured at the IIS level; meaning, you can configure the Default landing page of your app to be Home.aspx. And Home.aspx should automatically redirect to Login.aspx if the user is not logged in. See below screenshot from IIS Manager:
Select your WebApp from the list --> Double click on "Default Document".
No, IIS needs that placeholder to know it's there to serve as the default document.
EDIT: While it is technically possible to change these, it's just not worth it in the long run. Much better to follow convention and move home.aspx to default.aspx.
I have a website hosted on GoDaddy. Url is www.boatronix.com. The files Reside in a folder '/boatronix' which in turn is in a folder '/_sites.' I have a master page which contains a SiteNav.ascx (that sits in a "Controls" folder under the root directory) and it has page links all with urls of "../sales.aspx" or "../operations.aspx" and so on. When I go to one of the pages, all in the same root directory, I get a page with an address bar above "boatronix.com/sales.aspx" just like it should.
I also have ASP.net membership Login Controls on the master page, and one of the nav links points to a restricted page. When I am redirected to login.aspx from either route (requesting the restricted page OR clicking the 'login' button in the loginStatus control) I am taken to the login.aspx, but with an address bar above that is now appended "boatronix.com/_sites/boatronix/login.aspx."
Problem: this is an undesireable result, because the returnUrl in the query string, and then every subsequent page request is then searched as "boatronix.com/_sites/boatronix/page.aspx" and so my nav links are all now broken.
My question: Is the scripting for the login controls' 'doPostBack' functionality to blame--this is what GoDaddy's tech line tells me is the problem; OR, do I need to fix this in IIS, or in my code, or my web.config? (for instance, setting any virtual directory rules)
If you go to the site "www.boatronix.com" and click the "Login" link on the upper right, you'll see what happens as the page request seems to trace back one directory from '/boatronix' to '_sites' and then proceed from there--I'm trying to stop it from doing that and keep in the root directory.
Thx much for looking and any suggestions.
Very hard to figure out what your issue is without seeing your site's structure completely, but it sounds like you'll need to adjust your login page URL in your Web.Config.
When you access any protected page ASP.NET will direct you to the login url with the referring page in the query string parameter with the key ReturnURL. If you want to adjust where that redirect goes to then you need to adjust the loginUrl location in the Web.Config.
Such as
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
See: Authentication Web.Config on MSDN
This is a small thing but it is driving me crazy and I am hoping that an IIS expert can help.
The scenario is simple:
IIS is configured so that "default.aspx" is the default document for
a site.
Forms authentication is on and the loginUrl is default.aspx
and defaultURL is default.aspx
In web.config, the default.aspx document has an authorization of ' * ' (anyone can access)
When I navigate to the site with just the base url: www.somesite.com the URL comes back with: www.somesite.com/default.aspx?ReturnUrl=%2f
If I navigate to the full name (www.somesite.com/default.aspx) it does not have the ReturnUrl. So, why, when IIS adds the name, do we get the weird redirect but not when we type it?
You need to add <allow users="?" /> to allow non-logged-in users too.
I built a simple site which has an open section and admin page, which you can get to, only after loging in.
I implemented the default asp .net login control.
The problem is, after successful login (the login page is called admin.aspx) I want to redirect to another page called groups.aspx (redirecting it by code - Response.Redirect("AdminTools\\Groups.aspx") ), but instead I get an error "The resource cannot be found.", which says that cannot find "login.aspx". The problem is I don't have a page called login.aspx in my site, and I can't manage to find the place where I can configure it.
Always use ~ root operator.
Response.Redirect("~/AdminTools/Groups.aspx")
You can configure your own login url by setting the LoginUrl in web.config.
<authentication mode="Forms">
<forms loginUrl="~/mylogin.aspx">
</forms>
</authentication>
I have read the many posts of people trying to use two different login pages: one for users and one for admins. My question is very different. I have a Site.master page with a LoginView and LoginControl. I then have three root level pages Default.aspx, About.aspx, and Contact.aspx that derive from the Site.master. All three pages are set in the web.config to be allowed to all users. I then have a MemberPage in a Member folder which is only accessible to authenticated users. What I want to have happen is to be able to login from either the Default, About, or Contact pages and then be directed to the MemberPage.
The way Form Authentication is set now, I can only have one loginUrl and one defaultUrl. Which means if I have this settings in my web.config:
<authentication mode="Forms">
<forms name="ishAuth" loginUrl="Default.aspx" timeout="50" defaultUrl="~/Member/MemberPage.aspx"></forms>
</authentication>
the only page that redirects to the /Member/MemberPage.aspx is the Default.aspx. I want my users to be able to browse through the anonymous section of the site and login from any page and then be redirected to the MemberPage. Right now if I am on the About.aspx page and log in I am authenticated but remain on the About page.
Is there a way around the properties of the element? Can I turn off the default actions of the element and do the redirect using my own custom code?
I don't have access to Visual studio right now, but you should be able to use the "OnLoggedIn" event of the login control to do what you want. Create the even handler for that event, and simply just put Response.Redirect("~/Member/MemberPage.aspx") and your users should get redirected to the right page.
You can have a look at this page on the MSDN for more information.