When AJAX and Forms Authentication Don't Play Nice
I've been doing some work with AJAX in ASP.NET lately, and one of the things I've run into is the "'Sys' is undefined" error. Originally, I was getting this error in my server-side code. You can view my solution in this post.
However, once that was resolved, I started getting the same error (or, sometimes, the slightly different "Sys is not defined" -- I think I got this one in FireFox) in my client-side code. The error was occuring on the login page of the site, and the site uses Forms Authentication. It was also intermittent -- everything would be working fine, but then after accessing the page a few times I'd get the error. A quick fix I discovered was to change the authorization info in the web.config file to allow all users, run the app in development mode, then close the browser and change the web.config file back to only allow authenticated users. This would stave off the error for a little while, but it would always return.
I finally found the permanent fix, which is to simply allow all users access to ScriptResource.axd which is used by AJAX. This is done in the same manner as you'd do to allow/deny access to pages/directories/etc when using Forms Authentication. Simply add the following in the configuration setting of your web.config file:
<location path="ScriptResource.axd">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
However, once that was resolved, I started getting the same error (or, sometimes, the slightly different "Sys is not defined" -- I think I got this one in FireFox) in my client-side code. The error was occuring on the login page of the site, and the site uses Forms Authentication. It was also intermittent -- everything would be working fine, but then after accessing the page a few times I'd get the error. A quick fix I discovered was to change the authorization info in the web.config file to allow all users, run the app in development mode, then close the browser and change the web.config file back to only allow authenticated users. This would stave off the error for a little while, but it would always return.
I finally found the permanent fix, which is to simply allow all users access to ScriptResource.axd which is used by AJAX. This is done in the same manner as you'd do to allow/deny access to pages/directories/etc when using Forms Authentication. Simply add the following in the configuration setting of your web.config file:
<location path="ScriptResource.axd">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Comments
Post a Comment