ASP.NET MVC issue with configuration of forms authentication section

Question

I have an ASP.NET MVC 3 Beta application running on IIS. In my web.config I defined following section responsible for forms authentication:

<         


        

Answer 1

I think there is a bug in ASP.NET MVC 3 Beta. This problem does not appear in previous releases of ASP.NET MVC.

If anyone wants to replay this error, he should follow this:

1.Download the mvc framevork.

2.Create new ASP.NET MVC 3 Web Application

3.Applay Authorize attribute on About action in HomeController

[Authorize]
public ActionResult About()
{
   return View();
}  

4.Start application and invoke About action by clicking on About tab. You will get server error, because application is trying to redirect You to such URL:

http://localhost:[port_num]/Account/Login?ReturnUrl=%2fHome%2fAbout

There is obviously no Login view. There is LogOn view. Url to LogOn action is defined in untouched web.config:

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>

But application does not reflect that. Have anyone any clue what's going on ?

UPDATE:

I was right, there is a bug in MVC 3 Beta. From known issues:

"There’s a known issue that causes Forms Authentication to always redirect unauthenticated users to /Account/Login, ignoring the forms authentication setting used in Web.config. The workaround is to add the following app setting."

<add key="autoFormsAuthentication" value="false" />

UPDATE 2:

Alexander Prokofyev noticed, that ASP.NET 3 RTM looks for another setting. So you need this line instead:

<add key="loginUrl" value="~/LogOn" />

Answer 2

I removed the following from my web.config

<remove name="FormsAuthentication" />

and then everything seemed to work. This text had been added by default when I created my project.