Internet Information Services
Microsoft web server software.
1,576 questions
IIS Virtual Directory ASP Login Form authentication
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 84%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZZ%3C/text%3E%3C/svg%3E)
Zeljko Zaric
1
Reputation point
Hi together
Need asp web-form for authentication on IIS Virtula Directory(No Windows Integrated).
Virtual Directory is configured on IIS.
The Target ist to be able to disable anonymous authentication for the Virtual Directory and activate only Login.aspx and redirect after login to Virtual Directory.
My apsx Login Form is working but after Login get this message if anonymous login is disabled for virtual directory.
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
Does somone have any idee how to implement this.
This is my web.config on IIS 7.
<authentication mode="Forms">
<forms loginUrl="Login.aspx" timeout="30" protection="All" slidingExpiration="true" />
</authentication>
<authorization>
<allow users="*" />
</authorization>
</system.web>
<location path="VirtualDirectory">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
This is a code behind Login.aspx
protected void LoginButton_Click(object sender, EventArgs e)
{
//string adPath; //= objGlobalInfo.getConnectionString().ToString();
TextBox DomainName = (TextBox)LoginUser.FindControl("DomainName");
TextBox UserName = (TextBox)LoginUser.FindControl("UserName");
TextBox Password = (TextBox)LoginUser.FindControl("Password");
CheckBox RememberMe = (CheckBox)LoginUser.FindControl("RememberMe");
Label errorLabel = (Label)LoginUser.FindControl("errorLabel");
string adPath = ConfigurationManager.ConnectionStrings["AD"].ConnectionString;
string DomainFQDN = ConfigurationManager.AppSettings["DomainFQDN"];
string PermitedLoginGroup = ConfigurationManager.AppSettings["PermitiedLoginGroup"];
string DomainNetBiosName = ConfigurationManager.AppSettings["DomainNetBiosName"];
try
{
LdapAuthentication adAuth = new LdapAuthentication(adPath);
if (true == adAuth.Authenticate(UserName.Text, Password.Text, DomainName.Text))
{
Response.Redirect("http://webserver.ad.com/VirtualDirectory",false);
string userData = string.Empty;
//Create the ticket, and add the groups.
bool isCookiePersistent = RememberMe.Checked;
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
DomainNetBiosName + @"\" + UserName.Text.ToUpper(), DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, userData);
//Encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
//Add the cookie to the outgoing cookies collection.
if (true == isCookiePersistent)
authCookie.Expires = authTicket.Expiration;
//this Line show logout if user loggedin but take cached site
Response.Cookies.Add(authCookie);
}
}
catch (Exception ex)
{
errorLabel.Text = "Error authenticating. " + ex.Message;
}
}
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 70%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYD%3C/text%3E%3C/svg%3E)
Yurong Dai-MSFT 2,771 Reputation points Microsoft Vendor2022-11-16T10:02:22.077+00:00 Hi @Zeljko Zaric ,
Your login page does not have anonymous authentication enabled. When you implement forms authentication in IIS, both forms authentication and anonymous authentication should be enabled. Then you need to create allow authentication rules for all users and deny anonymous users at the site level. When you successfully authenticate with forms, IIS will send a forms authentication cookie with a username decided by your application (could be a key in appsetting or a username from a database).<authentication mode="Forms"> <forms name=".aspxformsdemo" loginUrl="Login.aspx" protection="All" path="/" timeout="30" /> </authentication> <authorization> <deny users ="?" /> <allow users = "*" /> </authorization>You need to create an authorization rule to allow anonymous access to the login page:
<location path="Login"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location>You can refer to this article for more information: https://learn.microsoft.com/en-US/troubleshoot/developer/webapps/aspnet/development/forms-based-authentication
Sign in to comment