locked
Visual Studio 2012 Update 2 Login.aspx page on Server RRS feed

  • Question

  • Hi All,

    Just getting up to speed with the new features that have appeared with Update 2 and wondered if there is an article or guidance regarding the Server/login.aspx page and how to use it.

    I assume I need to create my own code behind page and inherit from the LogInBasePage, just wondered if anything exists as guidance yet?

    I assume on successfully logging in I'd just redirect to the /Client to start the Lightswitch client interface?

    Thanks again for your help, this release has a few features I've been waiting for.

    Thank you.

    Steve


    Steve

    Sunday, April 28, 2013 4:17 PM

Answers

  • Hi Steve,

    I assumed you already upgraded your Silverlight Client and got the Login.aspx page, and also the change to the Silverlight Client location.

    Actually to share the Login.aspx page with the Silverlight Client all you need to do is edit the web.config file under App.Server folder and add an element like this at the very end

      <location path="Client">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>

    Here's how it should look in the full web.config file

      <uri>
        <schemeSettings>
          <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes" />
          <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes" />
        </schemeSettings>
      </uri>
      <location path="Client">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
    </configuration>

    You can read more about this element on MSDN, but essentially it's telling Forms Authentication that you want to lock down access to http://Server/Client to authorized users only. So now any unauthorized users trying to access http://Server/Client will be redirected to http://Server/LogIn.aspx page, then redirect back to http://Server/Client and load the Silverlight Client.

    If you have an HTML Client, our publish process automatically insert a <location> element similar to above to automatically protect your HTML Client. We don't do that to Silverlight Client since the Silverlight Client has its own Log in page and we think it should be an opt-in action.

    Best regards,
    Huy


    Wednesday, May 1, 2013 2:22 AM

All replies

  • Hi Steve,

    The Server\LogIn.aspx page ans Server\LogOut.aspx pages can only support Forms Authentication; and they should work out of the box, without any changes. Once you turn on Forms Authentication and publish your LightSwitch application, the published application should be protected by LogIn.aspx page. You don't need to write any extra code for LogIn.aspx page, besides from customizing the UI if you'd like to, and that can be done directly in LogIn.aspx.

    I've only seen and answered two questions related to Forms Authentication so far.

    Feel free to post any questions you may have.

    Best regards,
    Huy Nguyen

    Monday, April 29, 2013 5:15 PM
  • Hi Huy,

    Thanks for your reply.

    1) Silverlight Client

    I'm using the Silverlight client not HTML.

    I'd assumed I could use Forms Authentication and the Login.aspx and then once authenticated redirect to the Silverlight client.

    Is there a way to customise the Login page for a Silverlight client or do I just change the default.htm in the Silverlight client project?

    2) Default Login for Silverlight Website moved

    It used to be

       http://server/

    Nows its

       http://server/client

    Any easy way to revert that, or should I just put in a default.aspx and a response.redirect?

    Thanks,

    Steve

    Thanks,

    Steve


    Steve

    Tuesday, April 30, 2013 6:12 PM
  • 1) you should be able to authN via login.aspx and then redir to the client.  You cannot modify the SL Client login screen other than to put an image on the page.

    2) response.redirect would be the easiest way and should work fine.

    Tuesday, April 30, 2013 9:38 PM
    Moderator
  • Hi Steve,

    I assumed you already upgraded your Silverlight Client and got the Login.aspx page, and also the change to the Silverlight Client location.

    Actually to share the Login.aspx page with the Silverlight Client all you need to do is edit the web.config file under App.Server folder and add an element like this at the very end

      <location path="Client">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>

    Here's how it should look in the full web.config file

      <uri>
        <schemeSettings>
          <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes" />
          <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes" />
        </schemeSettings>
      </uri>
      <location path="Client">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
    </configuration>

    You can read more about this element on MSDN, but essentially it's telling Forms Authentication that you want to lock down access to http://Server/Client to authorized users only. So now any unauthorized users trying to access http://Server/Client will be redirected to http://Server/LogIn.aspx page, then redirect back to http://Server/Client and load the Silverlight Client.

    If you have an HTML Client, our publish process automatically insert a <location> element similar to above to automatically protect your HTML Client. We don't do that to Silverlight Client since the Silverlight Client has its own Log in page and we think it should be an opt-in action.

    Best regards,
    Huy


    Wednesday, May 1, 2013 2:22 AM