Hi all,
I am sure I am just doing this wrong but for the life of me I can not get things to play nicely. I am just starting to install and configure CruiseControl.net on a WS2008 X64 VM. The install seemed to go a little funny as it didn't create an IIS site for the dashboard, I ended up just doing that my self and pointing it at:
C:\Program Files (x86)\CruiseControl.NET\webdashboard
(had to add permissions for iis_iusrs for it to deal with config files, not sure how good that actually is).
Anyway, so I can view the web dashboard now and get into the admin section etc. Ultimately I want this site to be accessible online for ease of use by the team so it needs to be locked down and secure. So to that end I put the following sections on the web.config:
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="server/local/SimpleUserLogin.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="jon" password="test" />
<user name="mike" password="test" />
</credentials>
</forms>
</authentication>
If I put the following section in I can get to the login screen but will always be sent back to it even after I login and can never see any other pages:
<authorization>
<deny users="?" />
</authorization>
I also have this outside of the system.web section:
<location path="server/local/SimpleUserLogin.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
My goal is to direct all non logged in users to the login page and no where else, once logged in they can view any page. Am I being a blonker here?
Thanks