Hi, I have an interesting problem using Forms authentication mode with the Telerik Window. I'm using ASPNET AJAX Q1 2008:
I'm building a site that starts on Default.aspx. This page uses a MasterPage on which have the link that opens the window:
The Window that opens shows login_pop.aspx that performs the user authentication. The Terlerik Window controls on my Master page (which essentially is my Default.aspx page are:
In the process of building this site, I started without denying anybody. In other words, anyone could access the site and all the pages. And the Window worked exactly as I expected.
I then started adding my security. I want/need to use Forms authentication so in my Web.Config I specify what my default full accessible page is and deny all unauthorized users:
Now here's where you have to pay attention. In testing my authentication, I wanted to ensure I was working from a clean slate so I went into IE and killed all my Temporary Internet Files. I restart my browser to run my App and it bombs! I get:
Microsoft JScript runtime error: 'Telerik' is undefined
And my debugger stops on:
So I start Googling away to find out what the problem is, with no luck. Only through trial and error do I discover that if I change my Web.Config to:
then run the application - all is well again. And even if I set it back to:
It will continue to work fine as long as I don't delete my Temporary Internet files.
One last thing, I have also put in my Web.Config the following code which is supposed to allow any user access to the login_pop.aspx page so it can be called from Default.aspx:
Is there a problem with the way I'm implementing the Telerik Window? Or do I just need to figure out how to open up the Temporary Internet Files folder to Anonymous users? Any suggestions/comments are welcome.
Thanks,
Craig
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> |
<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> |
I'm building a site that starts on Default.aspx. This page uses a MasterPage on which have the link that opens the window:
<a id="lnkLogin" href="">Login</a> |
The Window that opens shows login_pop.aspx that performs the user authentication. The Terlerik Window controls on my Master page (which essentially is my Default.aspx page are:
<telerik:RadScriptManager ID="RadScriptManager1" runat="server" ScriptMode="Release"> |
</telerik:RadScriptManager> |
<telerik:radwindowmanager ID="RadWindowManager1" runat="server"> |
<windows> |
<telerik:RadWindow ID="rwWindow" runat="server" Behavior="Default" |
Height="400px" InitialBehavior="Close" Left="" ReloadOnShow="true" |
NavigateUrl="login_pop.aspx" OpenerElementID="lnkLogin" |
style="display:none;" Top="" Width="400px"> |
</telerik:RadWindow> |
</windows> |
</telerik:radwindowmanager> |
In the process of building this site, I started without denying anybody. In other words, anyone could access the site and all the pages. And the Window worked exactly as I expected.
I then started adding my security. I want/need to use Forms authentication so in my Web.Config I specify what my default full accessible page is and deny all unauthorized users:
<authentication mode="Forms"> |
<forms name=".ASPXAUTH" loginUrl="Default.aspx" protection="All" path="/" /> |
</authentication> |
<authorization> |
<deny users="?"/> |
</authorization> |
Now here's where you have to pay attention. In testing my authentication, I wanted to ensure I was working from a clean slate so I went into IE and killed all my Temporary Internet Files. I restart my browser to run my App and it bombs! I get:
Microsoft JScript runtime error: 'Telerik' is undefined
And my debugger stops on:
$create(Telerik.Web.UI.RadWindow, {"clientStateFieldID":"ctl00_rwWindow_ClientState","formID":"aspnetForm","height":"400px","iconUrl":"","initialBehaviors":4,"left":"","minimizeIconUrl":"","name":"rwWindow","navigateUrl":"login_pop.aspx","openerElementID":"lnkLogin","reloadOnShow":true,"skin":"Default","top":"","width":"400px"}, null, null, $get("ctl00_rwWindow")); |
So I start Googling away to find out what the problem is, with no luck. Only through trial and error do I discover that if I change my Web.Config to:
<authorization> |
<allow users="*"/> |
</authorization> |
then run the application - all is well again. And even if I set it back to:
<authorization> |
<deny users="?"/> |
</authorization> |
It will continue to work fine as long as I don't delete my Temporary Internet files.
One last thing, I have also put in my Web.Config the following code which is supposed to allow any user access to the login_pop.aspx page so it can be called from Default.aspx:
<location path="login_pop.aspx"> |
<system.web> |
<authorization> |
<allow users="*"/> |
</authorization> |
</system.web> |
</location> |
Is there a problem with the way I'm implementing the Telerik Window? Or do I just need to figure out how to open up the Temporary Internet Files folder to Anonymous users? Any suggestions/comments are welcome.
Thanks,
Craig