[Mono-list] asp.net web.config Forms authentication config issues
Get Bent
motorhead9876 at yahoo.com
Thu Aug 16 16:37:11 EDT 2007
In my web.Config, I'm using a rather standard authentication scheme to authenticate users. Here's the web.config snippet...
<authentication mode="Forms">
<forms
loginUrl="login.aspx"
defaultUrl="index.aspx"
name="BlahCookieAuth"
protection="All"
timeout="20">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
The "?" means don't allow unathenticated users, or users without the auth cookie. This causes the user to be redirected to the login.aspx page to get the auth cookie set. Easy enough. But when loading the login page, mono thinks that authentication is needed for each javascript and css file included in the login.aspx page, requests for them redirect the user to the login page. Odd.
Here's the apache log:
127.0.0.1 - - [16/Aug/2007:04:29:28 -0400] "GET /login.aspx?ReturnUrl=%2fstyle%2fmenu.css HTTP/1.1" 200 2192
127.0.0.1 - - [16/Aug/2007:04:29:28 -0400] "GET /style/master.css HTTP/1.1" 302 174
127.0.0.1 - - [16/Aug/2007:04:29:28 -0400] "GET /login.aspx?ReturnUrl=%2fstyle%2fmaster.css HTTP/1.1" 200 2194
127.0.0.1 - - [16/Aug/2007:04:29:28 -0400] "GET /js/jquery-1.1.3.1.pack.js HTTP/1.1" 302 183
127.0.0.1 - - [16/Aug/2007:04:29:28 -0400] "GET /login.aspx?ReturnUrl=%2fjs%2fjquery-1.1.3.1.pack.js HTTP/1.1" 200 2203
Do I have something misconfigured? Or should I just allow all access (including unauthenticated access) to my style and js directories? Is there another solution to this?
Thanks
Rob
---------------------------------
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ximian.com/pipermail/mono-list/attachments/20070816/c84fcbfc/attachment-0001.html
More information about the Mono-list
mailing list