dbrook007
10-31-2006, 03:19 AM
Hi
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
• SecurePage.aspx - The page I want only authenticated users that are members of the Role to use.
• Login.aspx - Login page
• Unauthorized.aspx - Informs user that they cannot view the secure page because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it works ok.
If I first login with "test", which is NOT in the Role, then I am transfered to the "unauthorized.aspx" page.
However, if I click "Logout" on the LoginStatus control on the "unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=%2funauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not working?
Is there some settings or something I need to change on my PC? Am I missing a step or not doing something?
I've checked the obvious things - like that the user was actually in the Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for what the problem is?
I have gone through re-doing the project twice now and I still get the same problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
Removed email address. The point of the forum is to keep the discussion here...
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
• SecurePage.aspx - The page I want only authenticated users that are members of the Role to use.
• Login.aspx - Login page
• Unauthorized.aspx - Informs user that they cannot view the secure page because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it works ok.
If I first login with "test", which is NOT in the Role, then I am transfered to the "unauthorized.aspx" page.
However, if I click "Logout" on the LoginStatus control on the "unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=%2funauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not working?
Is there some settings or something I need to change on my PC? Am I missing a step or not doing something?
I've checked the obvious things - like that the user was actually in the Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for what the problem is?
I have gone through re-doing the project twice now and I still get the same problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
Removed email address. The point of the forum is to keep the discussion here...