Hi
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
• SecurePage.aspx - The page I want only authenticated users that are members of the Role to use.
• Login.aspx - Login page
• Unauthorized.aspx - Informs user that they cannot view the secure page
because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it works ok.
If I first login with "test", which is NOT in the Role, then I am transfered to the "unauthorized.aspx" page.
However, if I click "Logout" on the LoginStatus control on the "unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=/unauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not working?
Is there some settings or something I need to change on my PC? Am I missing a step or not doing something?
I've checked the obvious things - like that the user was actually in the Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for what the problem is?
I have gone through re-doing the project twice now and I still get the same problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
email: darrenbrook@btconnect.com
I have an asp.net 2.0 project and am experiencing a problem.
In the project, I am trying to make use of Membership.
I have one Role, called "Basic User" and two users - "admin" and "test".
"admin" is a member of the Role but "test" is not.
I have only a few pages in the project at the moment: -
• SecurePage.aspx - The page I want only authenticated users that are members of the Role to use.
• Login.aspx - Login page
• Unauthorized.aspx - Informs user that they cannot view the secure page
because of a lack of permissions
SecurePage.aspx just contains a ChangePassword control.
Unauthorized.aspx has some text and a LoginStatus control.
So in the SecurePage.aspx, I have this code to handle this: -
Protected Sub form1_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If User.Identity.IsAuthenticated = False Then
Server.Transfer("login.aspx")
End If
If Roles.IsUserInRole("Basic User") = False Then
Server.Transfer("unauthorized.aspx")
End If
End Sub
If I go to the SecurePage and am not authenticated, it transfers me to login.aspx.
If I then login with the user "admin", which is in the Role "Basic User", it works ok.
If I first login with "test", which is NOT in the Role, then I am transfered to the "unauthorized.aspx" page.
However, if I click "Logout" on the LoginStatus control on the "unauthorized" page it refreshes and changes to display "Login".
So, if I then click "Login", I am taken back to the login page. The URL in the address bar at this point is: -
http://localhost:1489/Lesson09/login.aspx?ReturnUrl=/unauthorized.aspx
If I then login with using "admin" - which is a member of the Role - this is where I get a problem.
Instead of being taken to the SecurePage.aspx as expected, I get taken back to the "unauthorized.aspx" page.
This is obviously wrong.
Now, I know that this should work but does anybody know why it is not working?
Is there some settings or something I need to change on my PC? Am I missing a step or not doing something?
I've checked the obvious things - like that the user was actually in the Role etc.
However, I just cannot get this to work.
I am new to ASP.Net and so I don't really know where to start to look for what the problem is?
I have gone through re-doing the project twice now and I still get the same problem.
For info, I am using: -
- Visual Studio .Net 2005 (Professional) (up to date)
- Latest .Net installed
- Windows XP Pro
- Internet Explorer 6 (version 6.0.2900.2180.xpsp_sp2_gdr.050301-1519) SP2
I would very much appreciate any help or advice on this problem.
Thanks in advance.
Kind regards
Darren Brook
email: darrenbrook@btconnect.com
