Monday, May 05, 2008

Styles on the Login.aspx page

I have been playing around with the ASP.NET login controls lately. After getting the membership and role management framework to work on my website (which is quite a task in itself), I set to figure out some other small things. In this case, I wanted to apply custom styles to the login control on my Login.aspx page.

Doing this is as simple as assigning a class to the CssClass attribute of the Login control and to any sub-controls whose appearance you want to modify.

<body class="Body">

<form id="form1" runat="server">

<div>

<asp:Login ID="Login1" runat="server" CssClass="TextBox">

<LoginButtonStyle CssClass="Button" />

</asp:Login>

</div>

</form>

</body>

</html>

Now I should mention that these classes are contained in a .css file inside my App_Themes/Default/Styles folder.

So in the <head> section of the page, I added the following:

<link rel="stylesheet" type="text/css" href="../App_Themes/Default/Styles/LoginStyles.css" />

Simple enough eh? Wrong!

No matter what I tried, no matter how much I played with the path to the css file, the styles simply won’t be rendered on my page. The same styles get applied if you use them in a <style /> element in the page itself. I was flummoxed.

The thing to note here is that the authorization section in my website is configured as:

<authorization>

<deny users="?"/>

</authorization>

This means that unauthenticated users will not be able to access the website resources: which includes style sheets and/or images on the website!!

So, in order to get this to work, I had to move the stylesheets for the login page and the related images to a separate folder called “AllowAll” and make the following additions to my web.config file:

<location path="AllowAll">

<system.web>

<authorization>

<allow users="*"/>

</authorization>

</system.web>

</location>

Basically this section means that all users (*) should be allowed access inside the “AllowAll” folder, regardless of whether they are authenticated or not.

Then I simply changed the path to my stylesheet on the login.aspx page:

<link rel="stylesheet" type="text/css" href="AllowAll/LoginStyles.css" />

And that did the trick. Woof…so much for authorization!!



Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)