i've been trying to get my web.config file to work but something is notright, i belive my web.config file is setup correctly but it doesn'twork. the problem is that the user is not being redirected to the loginpage. what i'm missing? i used a similar web.config file for anothersite and it works fine. Thanks in advance.
here is my web.config file:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<appSettings>
<addkey="conn" value="workstation id=FRED;packet size=4096;integratedsecurity=SSPI;data source=FRED;persist security info=False;initialcatalog=dbTaskManager"/>
</appSettings>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilationdebug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at allother times. For more information, refer to the documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="vb" debug="true" />
<!-- CUSTOM ERROR MESSAGES
Set customErrorsmode="On" or "RemoteOnly" to enable custom error messages, "Off" todisable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly"Display custom (friendly) messages only to users not running
on thelocal Web server. This setting is recommended for security purposes, so
that youdo not display application detail information to remote clients.
-->
<customErrors mode="RemoteOnly" />
<!-- AUTHENTICATION
This sectionsets the authentication policies of the application. Possible modes are"Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IISperforms authentication (Basic, Digest, or Integrated Windows)according to
itssettings for the application. Anonymous access must be disabled in IIS.
"Forms" Youprovide a custom form (Web page) for users to enter their credentials,and then
youauthenticate them in your application. A user credential token isstored in a cookie.
"Passport"Authentication is performed via a centralized authentication serviceprovided
byMicrosoft that offers a single logon and core profile services formember sites.
-->
<authentication mode="Forms">
<formsname=".FGBTMC" path="/TaskManager/" loginUrl="Login.aspx"protection="All" timeout="60"></forms>
</authentication>
<machineKeyvalidationKey="AutoGenerate" decryptionKey="AutoGenerate"validation="SHA1" />
<!-- AUTHORIZATION
This sectionsets the authorization policies of the application. You can allow ordeny access
to applicationresources by user or role. Wildcards: "*" mean everyone, "?" meansanonymous
(unauthenticated) users.
-->
<authorization>
<allow users="?" /> <!-- Deny anonymous users -->
<allow users="*" />
<!-- <allow users="[comma separated list ofusers]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list ofusers]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every pagewithin an application.
Set traceenabled="true" to enable application trace logging. IfpageOutput="true", the
traceinformation will be displayed at the bottom of each page. Otherwise, you can view the
applicationtrace log by browsing the "trace.axd" page from your web application
root.
-->
<trace enabled="false"requestLimit="10" pageOutput="false" traceMode="SortByTime"localOnly="true" />
<!-- SESSION STATE SETTINGS
By defaultASP.NET uses cookies to identify which requests belong to a particularsession.
If cookies arenot available, a session can be tracked by adding a session identifierto the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc"stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="datasource=127.0.0.1;Trusted_Connection=yes"
cookieless="false" timeout="60" />
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</configuration>
Hi there,You need following in your web.config file..
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<deny users="?"></deny>
<allow users="*" /> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
Cheers!
Thats exactly where the problem was!! i can't belive i did not see that !!
Thanks a million,
Fred G.
0 comments:
Post a Comment