none
ASP.NET Windows Authentication - Can display page but images on page aren't displayed RRS feed

  • Question

  • Hi,

    I have an asp.net website that uses windows authentication. I'm handling the session start event and using this to map the windows login name to my softwares login. If the login process to my software fails at this point the user is redirected, using Server.Transfer, to a basic page saying they don't have access to the site.

    This is all working fine except when the user is redirected to the error page, the page displays, you can read the text etc but any images on the page aren't displayed. IE just displays the image placeholder.

    The error page is located in a folder called Secure off the root of the website and the images are located in a folder called Images again off the root of the website.

    I have experimented with the location element in the web.config but this hasnt helped.

    If I allow the user to login and then go and view this error page it displays fine with images.

    I'm thinking the problem is because the user isn't authenticated but shouldn't the location element in the web.config fix this? Also because the error page can be viewed without any problems once logged in suggests it isn't permissions on the actual files or folders.

    Any help would be much appreciated.

    Kind Regards,

    Matt Gibson.

    • Moved by nobugz Saturday, September 19, 2009 11:02 AM forums.asp.net (From:Common Language Runtime)
    Friday, September 18, 2009 4:33 PM

All replies

  • Is there a web.config located in the images folder? And what are the security settings in your web.config in the root?
    Geert van Horrik - CatenaLogic
    Visit my blog: http://blog.catenalogic.com

    Looking for a way to deploy your updates to all your clients? Try Updater!
    Saturday, September 19, 2009 10:59 AM
  • Hi Geert,

    No there aren't any other web.config files in any of the sub folders. There is one web.config file in the site root.

    These are the security related parts of my web.config...

    <

     

    authentication mode="Windows">

     

     

    </authentication>

    <

    authorization>

    <

     

    allow users="*" />

    </

    authorization>

    <

     

    identity impersonate="false" />



    Kind Regards,

    Matt Gibson.

     

    Monday, September 21, 2009 9:17 AM