Hello, I need some help setting up CookieAuthentication in CS 2.0. I have the license installed and, for the most part, things seem to be working properly. My site is set up as an application under my main site: http://www.somesite.com/CS The login page is located at http://www.somesite.com/membership/login.asp Here's my problem... When the a user goes to http://www.somesite.com/CS/user/EditProfile.aspx without being logged in, a standard Windows user name and password popup appears. I know that the user needs to be redirected to the proper login page to set the cookie, but I can't get it to work correctly. I got the Control Panel page to work correctly by wrapping the system.web portion of the web.config file in a location tag ( <location path="ControlPanel/default.aspx"> ) and that seems to work as expected. Trying the same with the user web.config displays the EditProfile.aspx page displaying the profile of the Annonymous user. What am I missing? The site is being hosted elsewhere, so I don't have access to IIS directly. Any pointers would be greatly appreciated.
CS V2.0 - Asp 1.1 - Binary package installed - Hosted web service
<WebCoder> wrote in message news:534266@communityserver.org... Hello, I need some help setting up CookieAuthentication in CS 2.0. I have the license installed and, for the most part, things seem to be working properly. My site is set up as an application under my main site: http://www.somesite.com/CS The login page is located at http://www.somesite.com/membership/login.asp Here's my problem... When the a user goes to http://www.somesite.com/CS/user/EditProfile.aspx without being logged in, a standard Windows user name and password popup appears. I know that the user needs to be redirected to the proper login page to set the cookie, but I can't get it to work correctly. I got the Control Panel page to work correctly by wrapping the system.web portion of the web.config file in a location tag ( <location path="ControlPanel/default.aspx"> ) and that seems to work as expected. Trying the same with the user web.config displays the EditProfile.aspx page displaying the profile of the Annonymous user. What am I missing? The site is being hosted elsewhere, so I don't have access to IIS directly. Any pointers would be greatly appreciated. CS V2.0 - Asp 1.1 - Binary package installed - Hosted web service http://communityserver.org/forums/thread/534266.aspx
Just to be sure I'm understanding you, would you mind trying a page?
Go to http://www.marketplace.boatersbasement.com/CS and click on the Manage Profile link in the navigation column on the left. It popups the NTLS login (I think that's what it is) which isn't what we want it to do. If you hit cancel, you get an access denied error.
On the same home page, if you click on Dashboard, you'll be redirected to the login page which sets up the cookie following a successful login, then sends you back to the dashboard.
Thanks for your help. If it is a file systems permission error, I'll have to contact our hosting provider.
Thanks!
<WebCoder> wrote in message news:534330@communityserver.org... Just to be sure I'm understanding you, would you mind trying a page? Go to http://www.marketplace.boatersbasement.com/CS and click on the Manage Profile link in the navigation column on the left. It popups the NTLS login (I think that's what it is) which isn't what we want it to do. If you hit cancel, you get an access denied error. On the same home page, if you click on Dashboard, you'll be redirected to the login page which sets up the cookie following a successful login, then sends you back to the dashboard. Thanks for your help. If it is a file systems permission error, I'll have to contact our hosting provider. Thanks! http://communityserver.org/forums/534300/ShowThread.aspx#534330
Ok, I've been in touch with the ISP and they said that the ControlPanel and the User directories and files have the same permissions.
Looking at the source code, there is a line in userprofile.cs that is missing from editprofile.cs
if ((csContext.User.IsAnonymous) && (csContext.SiteSettings.RequireAuthenticationForProfiles)) Context.Response.Redirect(Globals.GetSiteUrls().Login);
This leads me to believe that the page doesn't check to see if a login is needed. Since it's not executing the GetSiteUrls function, it doesn't know where to send the user to log in, so it displays the popup login box.
Is this page not designed to be linked to directly? Or am I missing something?
Copyright© 2008 Telligent Systems Inc. All rights reserved CommunityServer.com • Telligent.com