Hi there, I have successfully integrated ASP.NET Login controls and set up membership. Most of my site is protected access... but the homepage is not.
I'm using the LoginView control to display "Welcome, please login", or "Welcome Kristan. Logout" etc. I find this control works fine on the protected pages, but on the homepage it always says "Welcome please login", even when I've already logged in through a sub-page. I suspect that this means that non-protected access pages dont look for the login controls and therefore it's left at its default anon setting. I'm not sure tho.
So in the nutshell, the loginview control is unaffected by the login status of the user on pages where the access is public.
I am seeing the same behaviour. I am using v403. I followed the video on umbraco.tv on how to protect pages. All pages are good, except the home-page. Should this be posted as bug on codeplex?
Hi, I seem to remember reading something in the past that said there was a problem with login controls on the home page of .NET sites i.e. it was a .NET issue not an Umbraco issue.
It was a long time ago so I can't remember the site I was on but I would suggest implementing a basic .NET website to test your controls outside of Umbraco to see if there is a similar problem. if this is the same problem you were having there might be a solution on one of the .NET forums...
a quick fix would be a little code in the homepage template to check isuserloggedIn and then show the information you want manually rather than using the control.
Paul, thanks for the tip, I'll do some hunting around on those problems
thank you for the quick fix, I can use the umbraco isloggedon function and essentially create my own loginview macro... however, is there an umbraco library function to return the URL for the logout link? or would I have to manually create a logout.aspx page with the FormsAuthentication.Signout() etc?
I have found that HttpContext.Current.User is NULL on the homepage (when user is logged in), fine everywhere else!! :-(
I wonder if there is a way I can manually get ASP.NET to authenticate the request and populate HttpContext.Current.User. I will have to do more digging in MSDN.
Membership / Login
Hi there, I have successfully integrated ASP.NET Login controls and set up membership. Most of my site is protected access... but the homepage is not.
I'm using the LoginView control to display "Welcome, please login", or "Welcome Kristan. Logout" etc. I find this control works fine on the protected pages, but on the homepage it always says "Welcome please login", even when I've already logged in through a sub-page. I suspect that this means that non-protected access pages dont look for the login controls and therefore it's left at its default anon setting. I'm not sure tho.
So in the nutshell, the loginview control is unaffected by the login status of the user on pages where the access is public.
I'd really appreciate any advice!
many thanks
Kris
Hi Kristan,
Have you set up the 'Public Access' settings on the homepage?
j
Hi Jay
The homepage should be accessible to everyone, logged in or not - it's just the pages below that need to be protected.
thanks
Kris
Have you got an asp.net Login Status control in the template?
This should show the Login/Logout button (even on unptotected pages)
hth
yep, the first part of my site master template is simply:
<body> <form id="Form1" runat="server"> <div id="outermain"> <div id="topbar"> <div id="topbar_logo"></div> <div id="topbar_right"> <div id="topbar_right_log"> <asp:LoginView ID="UmbracoLoginView" runat="server"> <AnonymousTemplate> <div id="topbar_right_log02"></div> <div class="topbar_right_log01"><asp:LoginStatus ID="LoginStatus2" runat="server" /></div> </AnonymousTemplate> <LoggedInTemplate> <div id="topbar_right_log02">Welcome<br /><asp:LoginName ID="LoginName" runat="server" /></div> <div class="topbar_right_log01"><asp:LoginStatus ID="LoginStatus1" runat="server" /></div> <div class="clear"></div> <div class="topbar_right_log01"><a href="#">Details</a></div> <div class="clear"></div> </LoggedInTemplate> </asp:LoginView>This works fine for protected pages.
k
It's possible that because the page is not protected the login view control is not invoked.
Try moving the LoginStatus control outside the login view control
Hmmm, didn't make any difference. Ironically, the Login page itself doesn't have protection, but it displays the loginview fine.
how weird.
k
That is odd. It proves the control is rendered on 'public' pages.
it's not a css weirdy is it? have you checked the source to make sure it's not being rendered but is not visible?
(apologies if that is teaching grandma to suck eggs but this is very strange)
I am seeing the same behaviour. I am using v403. I followed the video on umbraco.tv on how to protect pages. All pages are good, except the home-page. Should this be posted as bug on codeplex?
Peter
I just tested this on a vanilla Runway install (I didn't even set up login page, public access etc) and it works on the homepage.
<p>
<asp:LoginStatus id="LoginStatus1" runat="server"></asp:LoginStatus></p>
<p>
<asp:LoginView id="LoginView1" runat="server">
<AnonymousTemplate>
Please log in for personalized information.
</AnonymousTemplate>
<LoggedInTemplate>
Thanks for logging in
<asp:LoginName id="LoginName1" runat="Server"></asp:LoginName>.
</LoggedInTemplate>
</asp:LoginView></p>
hey Peter,
Interesting. Mine works but I have not set up any protected pages..maybe that is the key.
sure, but if you set up a login page and login - does the homepage show you as logged in?
Definitely not a CSS thing :-)
I have 4.0.3 as well.
k
not sure, i just secured the whole site and it's now struggling to remove the protection :-)
more info as I get it but I suspect it's a bug as Peter has the same as you...
I'm just downloading the umbraco source and I'll see whether I can fix it! hmmmm
What kind of protection do you use? I've set up Rolebased protection.
I'm using Role based. I have the same problem. If I am logged in it shows the welcome message on all pages except homepage.
Is it because they have different templates?
I have role-based too. So both of you can reproduce the issue then? I'm downloading the source, but it's taking a while.
BTW, the same site master template, containing the LoginView control, is used everywhere.
Tried setting the homepage as same template as the rest. Doesn't make a difference :(
Hi, I seem to remember reading something in the past that said there was a problem with login controls on the home page of .NET sites i.e. it was a .NET issue not an Umbraco issue.
It was a long time ago so I can't remember the site I was on but I would suggest implementing a basic .NET website to test your controls outside of Umbraco to see if there is a similar problem. if this is the same problem you were having there might be a solution on one of the .NET forums...
a quick fix would be a little code in the homepage template to check isuserloggedIn and then show the information you want manually rather than using the control.
Paul, thanks for the tip, I'll do some hunting around on those problems
j
thank you for the quick fix, I can use the umbraco isloggedon function and essentially create my own loginview macro... however, is there an umbraco library function to return the URL for the logout link? or would I have to manually create a logout.aspx page with the FormsAuthentication.Signout() etc?
I have found that HttpContext.Current.User is NULL on the homepage (when user is logged in), fine everywhere else!! :-(
I wonder if there is a way I can manually get ASP.NET to authenticate the request and populate HttpContext.Current.User. I will have to do more digging in MSDN.
thanks, Kris
HI there, just discovered something else... if I go to http://localhost then the loginview does not work as it should... but if I go to http://localhost/default.aspx - then it does!! Or if use the umbraco page name, then it works, http://localhost/homepage.aspx. ;
hmmmm I have tried disassembling both .NET and umbraco - but there's quite a lot of code :-)
k
just a little code to wade through :-)
that's freaky. can we force it to the default page for the site in IIS?
Did some investigating and found this:
Add to the modules-part (<system.webServer>) of the web.config
works for me, top man Peter.
one last thing, by moving the Loginstatus out of the LoginView you can reduce some of the code
(assuming this doesn't screw your css )
Hey guys, this is great - thank you so much! Specifically, I added runAllManagedModulesForAllRequests="true" to system.webserver/modules
thanks again!
k
Guys, this forum thread just saved my butt!
I was having this EXACT same problem. I used Peters suggestion above, and it worked like a charm.
Love the umbraco community... Thanks for helping!
-Josh
hey peter... i will give you a high five even if the others forgot ;) this will definitely come in handy for me on a project i am using right now!
is working on a reply...