0

I have a website that uses Forms Authentication. When I test it in debug or in our dev server, in IIS7, it works fine. When I publish it in Production, when I press the Logout button it gives an HTTP 403 Error.

The code I have for my logout button is:

     FormsAuthentication.SignOut()
     FormsAuthentication.RedirectToLoginPage()
Filipe Vilhena
  • 55
  • 1
  • 3
  • 11
  • I had the same situation recently where we saw 403 errors in production but not in dev or test. The resolution for us was to add `[AllowAnonymous]` attribute for the Login (which corresponded to REDIRECT url for forms auth). Still do not know why it was not failing in dev or test. – David Tansey Aug 04 '14 at 13:39
  • @DavidTansey where did you configure Allow Anonymous? On the Page itself or IIS? – Filipe Vilhena Aug 04 '14 at 13:56
  • Apologies...`[AllowAnonymous]` is a controller action attribute in ASP.NET MVC. In WebForms the same idea is accomplished in the `WEB.CONFIG` -- see this for examples: http://stackoverflow.com/questions/10367850/is-it-possible-to-allow-anonymous-user-to-browse-only-few-files-from-a-folder – David Tansey Aug 04 '14 at 14:35
  • @DavidTansey that didn't work out. I still can't access when logging out. But it's strange because if I am in my default page it logs out ok, when I enter other pages it gives the error – Filipe Vilhena Aug 04 '14 at 16:52
  • What URL is the FORMS AUTH redirect set to? Is it the same as your 'default page'? – David Tansey Aug 04 '14 at 18:42
  • @DavidTansey yes. It points out to Login.aspx – Filipe Vilhena Aug 05 '14 at 08:20

1 Answers1

0

I solved my problem by changing 

FormsAuthentication.RedirectToLoginPage()

to

Response.Redirect("./mypage.aspx")
~

At least, it worked for me

Filipe Vilhena
  • 55
  • 1
  • 3
  • 11