I just built an application with forms authentication. I am unable to see my styles in the application (before being authenticated on Login.aspx NOR on a page after being logged in successfully). They used to be accessible when the app was using windows authentication.
I read another forum that said you must give access to the App_Themes folder containing the css prior to authenticating, but read above again (I also can’t see them after authenticating). That was working before when using Windows authentication. I brought in another menu library, so you’ll see 3 sections now.
I’m using Windows 7. Oh, and I right clicked the root folder containing my website files. I added permissions to IIS_IUSRS group, and IIS APPPOOL[APP POOL NAME] in IIS 7. I gave all permissions to both. Also, I have Basic Authentication enabled, and Forms authentication enabled in my site. The rest are disabled.
Thanks Stack Overflow Geniouses!!
==========================
web.config
Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
–>
<compilation debug="true">
<assemblies>
<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
<add assembly="WindowsBase, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</assemblies>
</compilation>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<!--<authentication mode="Forms">
<forms cookieless="UseCookies" slidingExpiration="true"
protection="All" timeout="60" loginUrl="~/Login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*"/>
</authorization>-->
<authentication mode="Forms">
<forms name="WANTA-AUTHENTICATE"
loginUrl="Login.aspx"
protection="All"
timeout="5"
path="/">
<credentials passwordFormat="MD5" />
</forms>
</authentication>
<authorization>
<allow users="*"/>
<deny users="?" />
</authorization>
<customErrors mode="Off" defaultRedirect="Default.aspx">
</customErrors>
<pages>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</controls>
</pages>
<httpHandlers>
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</httpModules>
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc" timeout="55" />
<system.serviceModel>
<!--<serviceHostingEnvironment aspNetCompatibilityEnabled="true" >
<baseAddressPrefixFilters>
<add prefix="http://localhost/" />
</baseAddressPrefixFilters>
</serviceHostingEnvironment>-->
<behaviors>
<endpointBehaviors>
<behavior name="AspNetAjaxBehavior">
<enableWebScript/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="Wanta.Toolkit.WantaService" behaviorConfiguration="ServiceBehavior">
<endpoint behaviorConfiguration="AspNetAjaxBehavior" binding="webHttpBinding" contract="Wanta.Toolkit.WantaService" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
==================
Login.aspx.cs
protected void Logon_Click(object sender, EventArgs e)
{
if ((UserEmail.Text == "x") &&
(UserPass.Text == "x"))
{
FormsAuthentication.RedirectFromLoginPage
(UserEmail.Text, Persist.Checked);
}
else
{
Msg.Text = "Invalid credentials. Please try again.";
}
}
In the past, I always remember giving access to the files of my site by right clicking the root folder of my site, and giving access to the following:
server (aka Location): local machine
IIS_IUSRS <=== this is a group
IIS APPPOOL[web_site_app_pool_name]
However, for some reason, IUSR was not in the group IIS_IUSRS. I ended up just giving that IUSR user access to my site, and not the group. I learned that you can actually put the user IUSR into the group IIS_IUSRS by going to Computer > Manage > Manage Users & Groups > …