Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Cassini and ASP.NET Forms Authentication
ghawkes
#1 Posted : Tuesday, June 16, 2009 7:47:10 AM(UTC)
Groups: Member
Joined: 6/16/2009(UTC)
Posts: 6

Hello,

I have encountered an issue where my images and CSS do not function on my login page. I believe this is due to my website using Forms authentication. In my Web.Config I have the following section:

Code:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" name=".ASPXFORMSAUTH" defaultUrl="Home.aspx" timeout="30"></forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>


Since users are automatically denied access until they login Cassini is seeing the images and CSS as restricted and inaccessable on my login page. After I successfully login everything works fine.

Has anyone else run into this issue or something similar? Thanks.

- G
Ultidev Team
#2 Posted : Tuesday, June 16, 2009 9:12:45 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,253

Thanks: 28 times
Was thanked: 60 time(s) in 59 post(s)
Hi there!

It is a known difference between IIS in its default configuration and UltiDev Cassini. UltiDev Cassini authenticates all requests, regardless whether the request is for an ASP.NET resource like .apsx page, or an image. IIS by default (but not always) does not pass requests for images and some other resources to ASP.NET handler, which leads to those requests never getting authenticated. One of many possible workarounds would be to place resources that don't need authentication in one folder, and place a web.config in that folder allowing non-authenticated requests for resources in the folder. For example, you could create a folder structure like this
Code:
/-Root
|-FILES
| |- IMAGES
| |- STYLESHEETS
| |- SCRIPTS
| +- web.config
|
|-Default.aspx
+-web.config

The second web.config, located in the FILES folder, would look like this:
Code:
<configuration>
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</configuration>

This, of course, is just one way to do that. You could instead keep your existing folder structure and either simply put the web.config shown above in each folder with static resources, or modify your main web.config as described in this post.

Please let us know if this information has helped.

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
ghawkes
#3 Posted : Tuesday, June 16, 2009 9:41:23 AM(UTC)
Groups: Member
Joined: 6/16/2009(UTC)
Posts: 6

Thanks! I went with the following approach and it worked perfectly.

Code:
<!-- Always allow access to the CSS and images -->
<location path="CSS">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<location path="Images">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>


- G
Ultidev Team
#4 Posted : Tuesday, June 16, 2009 10:53:37 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,253

Thanks: 28 times
Was thanked: 60 time(s) in 59 post(s)
Not a problem! We're always happy to help.

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
Rss Feed  Atom Feed
Users browsing this topic
Guest (4)
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You can vote in polls in this forum.