Has anyone tried implementing asp.net 2.0 membership? I have it working perfectly on my laptop however when I try running my hostmysite with the same exact code I have problems getting pages that I have restricted. The login page seems to authenticate the account but does not transfer to the requested page. I have found this happens only when I put the <deny users='*' /> in my <authorization> section of the web.config. If I use '?' instead of '*' it allows anyone who has been authenticated to access the page but if I tell it to restrict all users it won't let you in. Here's an example of my authorization section:

<location path="admin">
<authorization>
<allow roles="Administrator"/>
<deny users="*"/>
</authorization>
</location>

On my laptop if you are in the administrator role and tried accessing anything in the admin path you're allowed access. On my hostmysite website you can't get past the login page. No error. Just won't send you to where you want to go. I even pointed my connection string for the membership and role providers to the hostmysite database thinking there was an issue there and it still ran fine on my laptop in debug mode in VS2005. After a lot of research I thought I saw something indicating that there might be a trust level issue.

I figure someone out there that uses hostmysite is also doing membership authentication and therefore would have run into exactly the same problem. Or atleast I really hope so as I am perplexed.

Happy Holidays,

Eric

Hi Eric,

Sorry it took so long for someone to see this. If you are still having trouble, you may want to check to see if your authentiation mode is set to Windows or Forms. Based on the symptoms, it sounds like you are set to windows authentication and it works on the laptop because the user you are using is a machine administrator.

Just a guess, but it may help.

You will want to configure your SQL DB to hold the membership information as well. This article is great and takes you through the whole process:

http://aspnet.4guysfromrolla.com/articles/120705-1.aspx

It will probably be a bit of a review for you since it is already setup on the laptop, but there may be some useful stuff in there. If you are still stuck send me a PM and I will help you get sorted out.

-Dave

No problem. Unfortunately I was in a bind to get it resolved quickly as no one could login to the restricted areas of the website. I ended up ripping out all of the .net authentication code and rig up something of my own. Not as nice as MS's but I was in a hurry. Anyway, since I did that I don't have a website to test on (don't want to muck with something that works). I'm sure I'll be doing another site soon with you guys and I'll try readdressing it then.

I did have it setup for forms authentication and used one of the ms tools to get the security related tables and stored procs into my sql server database. This is the first time I've worked with .net security on a hosting companies server - where I work our internal servers don't give me these issues. Probably because you have a lot more security concerns than I do with my internal web server.

Thanx,

Eric