Hi, I have an interesting problem using Forms authentication mode with the Telerik Window. I'm using ASPNET AJAX Q1 2008:
I'm building a site that starts on Default.aspx. This page uses a MasterPage on which have the link that opens the window:
The Window that opens shows login_pop.aspx that performs the user authentication. The Terlerik Window controls on my Master page (which essentially is my Default.aspx page are:
In the process of building this site, I started without denying anybody. In other words, anyone could access the site and all the pages. And the Window worked exactly as I expected.
I then started adding my security. I want/need to use Forms authentication so in my Web.Config I specify what my default full accessible page is and deny all unauthorized users:
Now here's where you have to pay attention. In testing my authentication, I wanted to ensure I was working from a clean slate so I went into IE and killed all my Temporary Internet Files. I restart my browser to run my App and it bombs! I get:
Microsoft JScript runtime error: 'Telerik' is undefined
And my debugger stops on:
So I start Googling away to find out what the problem is, with no luck. Only through trial and error do I discover that if I change my Web.Config to:
then run the application - all is well again. And even if I set it back to:
It will continue to work fine as long as I don't delete my Temporary Internet files.
One last thing, I have also put in my Web.Config the following code which is supposed to allow any user access to the login_pop.aspx page so it can be called from Default.aspx:
Is there a problem with the way I'm implementing the Telerik Window? Or do I just need to figure out how to open up the Temporary Internet Files folder to Anonymous users? Any suggestions/comments are welcome.
Thanks,
Craig
| <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> |
| <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> |
I'm building a site that starts on Default.aspx. This page uses a MasterPage on which have the link that opens the window:
| <a id="lnkLogin" href="">Login</a> |
The Window that opens shows login_pop.aspx that performs the user authentication. The Terlerik Window controls on my Master page (which essentially is my Default.aspx page are:
| <telerik:RadScriptManager ID="RadScriptManager1" runat="server" ScriptMode="Release"> |
| </telerik:RadScriptManager> |
| <telerik:radwindowmanager ID="RadWindowManager1" runat="server"> |
| <windows> |
| <telerik:RadWindow ID="rwWindow" runat="server" Behavior="Default" |
| Height="400px" InitialBehavior="Close" Left="" ReloadOnShow="true" |
| NavigateUrl="login_pop.aspx" OpenerElementID="lnkLogin" |
| style="display:none;" Top="" Width="400px"> |
| </telerik:RadWindow> |
| </windows> |
| </telerik:radwindowmanager> |
In the process of building this site, I started without denying anybody. In other words, anyone could access the site and all the pages. And the Window worked exactly as I expected.
I then started adding my security. I want/need to use Forms authentication so in my Web.Config I specify what my default full accessible page is and deny all unauthorized users:
| <authentication mode="Forms"> |
| <forms name=".ASPXAUTH" loginUrl="Default.aspx" protection="All" path="/" /> |
| </authentication> |
| <authorization> |
| <deny users="?"/> |
| </authorization> |
Now here's where you have to pay attention. In testing my authentication, I wanted to ensure I was working from a clean slate so I went into IE and killed all my Temporary Internet Files. I restart my browser to run my App and it bombs! I get:
Microsoft JScript runtime error: 'Telerik' is undefined
And my debugger stops on:
| $create(Telerik.Web.UI.RadWindow, {"clientStateFieldID":"ctl00_rwWindow_ClientState","formID":"aspnetForm","height":"400px","iconUrl":"","initialBehaviors":4,"left":"","minimizeIconUrl":"","name":"rwWindow","navigateUrl":"login_pop.aspx","openerElementID":"lnkLogin","reloadOnShow":true,"skin":"Default","top":"","width":"400px"}, null, null, $get("ctl00_rwWindow")); |
So I start Googling away to find out what the problem is, with no luck. Only through trial and error do I discover that if I change my Web.Config to:
| <authorization> |
| <allow users="*"/> |
| </authorization> |
then run the application - all is well again. And even if I set it back to:
| <authorization> |
| <deny users="?"/> |
| </authorization> |
It will continue to work fine as long as I don't delete my Temporary Internet files.
One last thing, I have also put in my Web.Config the following code which is supposed to allow any user access to the login_pop.aspx page so it can be called from Default.aspx:
| <location path="login_pop.aspx"> |
| <system.web> |
| <authorization> |
| <allow users="*"/> |
| </authorization> |
| </system.web> |
| </location> |
Is there a problem with the way I'm implementing the Telerik Window? Or do I just need to figure out how to open up the Temporary Internet Files folder to Anonymous users? Any suggestions/comments are welcome.
Thanks,
Craig
1 Answer, 1 is accepted
0
Craig
Top achievements
Rank 1
Rank 1
answered on 01 Oct 2008, 10:39 PM
Okay - a bit more digging and I managed to find an answer. Thanks to Morgan this solved my problem:
<location path="Telerik.Web.UI.WebResource.axd">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
I found it in this post:
http://www.telerik.com/community/forums/thread/b311D-bcdcem.aspx
Craig
<location path="Telerik.Web.UI.WebResource.axd">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
I found it in this post:
http://www.telerik.com/community/forums/thread/b311D-bcdcem.aspx
Craig