IIS Virtual Directory ASP Login Form authentication

Zeljko Zaric 1 Reputation point

Hi together

Need asp web-form for authentication on IIS Virtula Directory(No Windows Integrated).
Virtual Directory is configured on IIS.
The Target ist to be able to disable anonymous authentication for the Virtual Directory and activate only Login.aspx and redirect after login to Virtual Directory.

My apsx Login Form is working but after Login get this message if anonymous login is disabled for virtual directory.

HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.

Does somone have any idee how to implement this.

This is my web.config on IIS 7.

<authentication mode="Forms">
<forms loginUrl="Login.aspx" timeout="30" protection="All" slidingExpiration="true" />
<allow users="*" />

<location path="VirtualDirectory">

		 <deny users="?"/>  

This is a code behind Login.aspx

protected void LoginButton_Click(object sender, EventArgs e)
//string adPath; //= objGlobalInfo.getConnectionString().ToString();
TextBox DomainName = (TextBox)LoginUser.FindControl("DomainName");
TextBox UserName = (TextBox)LoginUser.FindControl("UserName");
TextBox Password = (TextBox)LoginUser.FindControl("Password");
CheckBox RememberMe = (CheckBox)LoginUser.FindControl("RememberMe");
Label errorLabel = (Label)LoginUser.FindControl("errorLabel");
string adPath = ConfigurationManager.ConnectionStrings["AD"].ConnectionString;
string DomainFQDN = ConfigurationManager.AppSettings["DomainFQDN"];
string PermitedLoginGroup = ConfigurationManager.AppSettings["PermitiedLoginGroup"];
string DomainNetBiosName = ConfigurationManager.AppSettings["DomainNetBiosName"];

            LdapAuthentication adAuth = new LdapAuthentication(adPath);  
            if (true == adAuth.Authenticate(UserName.Text, Password.Text, DomainName.Text))  

                string userData = string.Empty;  
                //Create the ticket, and add the groups.  

                bool isCookiePersistent = RememberMe.Checked;  
                FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,  
                          DomainNetBiosName + @"\" + UserName.Text.ToUpper(), DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, userData);  

                //Encrypt the ticket.  
                string encryptedTicket = FormsAuthentication.Encrypt(authTicket);  

                //Create a cookie, and then add the encrypted ticket to the cookie as data.  
                HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);  
                //Add the cookie to the outgoing cookies collection.  
                if (true == isCookiePersistent)  
                    authCookie.Expires = authTicket.Expiration;  
                //this Line show logout if user loggedin but take cached site  

        catch (Exception ex)  

            errorLabel.Text = "Error authenticating. " + ex.Message;  


Internet Information Services
{count} votes