I have configured FBA on Sharepoint 2010 site. And its working fine when I use the OOTB login page which is available at _form/default.aspx.
Now I have created my own Login.aspx page and configured the web application to get redirected to this custom page. This page I have kept it at Layouts/CustomFBA/Login.aspx location under 14 Hive. I followed this blog post to create and configure the login page.
I have included a user sign in page link at the bottom of this login page which is another application page.
I have updated the web.config of the web application to allow users to reach to the user sign-in page without getting authenticated or redirected to login page again. Ideally this should work, but somehow whenever I click that link I am being redirected back to the login page. I will really appreciate if somebody can help me in this regard
==========================================================
As I have mentioned earlier,the custom login page is working perfectly fine. But, I have link on the login page which take the users to a sign-in(UserSignin.aspx) page which is also kept in the /_layouts/CustomFBA/ folder. The problem is when I click the link, I am coming back to the Login page again.
As per some of the blog which I read, they have mentioned to allow user to view such page which should not ask for any authentication, we have to include the tag (mentioned by djeeg) in web.config of the web application. So I have done that as well.
But this is also not resolving the problem. I am still coming back to Login.aspx page when I click that "Sign-in" link on the Custom Login Page. I hope I have made my problem clear here.
Thanks & Regards,
Paddy
By default, SharePoint application pages added in Visual Studio inherit from the LayoutsPageBase class (MSDN: represents an application page to which access can be limited to users that possess certain rights).
Change the base class of the UserSignin.aspx page to UnsecuredLayoutsPageBase (MSDN: represents the base class for application pages that explicitly do not require the user to have any permissions, such as the access denied page).
Try adding this to your web.config
<location path="_layouts/CustomFBA/Login.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
That should then allow anonymous access to your custom login page
Related
We have a web site in IIS 7, that has a default document (index.asp) set. The entire site uses basic authentication except the index.asp page. This is working correctly if I enter the domain with the actual page name (www.mysite.com/index.asp). However, without the page name (www.mysite.com) I am prompted for credentials, even though it is the same page.
I've tried various web config changes and tried it with anonymous user set to the app pool and the IUSR account and it doesn't work either way. I'm thinking maybe I need to enable and then configure URL rewriting for this site but I'm not positive.
If you need any other info let me know.
thanks!
I create more than one site on sensenet and I want to specify an login page for each site.
On site properties I can define the login page but that is not working... (I think). Every time I access without the login made I receive the follow message:
404 error The requested resource could not be found Please make sure
that the url is spelled correctly.
To go to the main page, click here
It shouldn't go to my login page defined on site settings?
What am I not picking here?
You should add at least one site URL to your new site, and also check if "Everyone" has "open" and "run application" permission on the new login page.
I am very new to Kentico CMS and started implementing the basics.
I have Login button webpart which redirect me to page say 'Welcome.aspx'.
Now, what I am struggling with is if directly open 'Welcome.aspx' without login,
it should redirect to another page. Can anyone please help me in doing this?
If I understood correctly, you want the Welcome.aspx to require users to log in. If so, you can achieve that by adjusting page's ACLs at Page -> Edit -> Security and setting the Website logon page URL at Settings -> Security & Membership.
You can either set the page to be accessible by certain roles or at least require authentication.
There is an example in Corporate sample site - in section Partners.
Assuming you are using the recommended Portal Engine development model, you can set the permissions of the page on the Properties>Security tab. There you'd add a role of not authenticated and set the property to deny. Also ensure you have a default "login" page set in the settings.
I have installed an MVC4 application provided by a third party on our web server and most requests are being redirected to http://domain.com/login.aspx?ReturnUrl=requestedpage.
The website does not have any form of authentication and it does not have this or any other login page.
The default page loads but none of the page resources (like images, CSS, etc) loads as each of those is being redirected to the non-existent login.aspx page. Even a webservice request gets redirected.
I have done lots of searching online and tried the usual fix of <add key="autoFormsAuthentication" value="false" /> but it doesn't make any difference. I also tried <authentication mode="None" />.
It is IIS8.5 on Server 2012 and anonymous access is enabled throughout.
I just tried installing MVC4 directly on the server and this did not help.
Can anyone help?
This problem turned out to be caused by the anonymous user account not being set to the ApplicationPoolIdentity.
I fixed this after finding the answer on another question.
We are building a website inwhich user must be authenticated before access the site. However, I don't know if it's possible to do that in Piranha?
I used
<authorization>
<deny users ="?"/>
</authorization>
but it does not work.
Is anyone know how to do that?
Thanks
Piranha CMS uses forms authentication, so the above should work if you add a login url to the forms configuration in the web.config. I have used that setup myself for a couple of projects.
If you want to set restrictions on page level you can do this under Settings for a page, where you can choose the group needed to view the page.
If you're using MVC you can also add the [Authorize] attribute to your controllers/actions as usuall. Basically the normal steps should apply!
Regards