I've got forms authentication setup as follows:
Web.config:
<authentication mode="Forms">
<forms slidingExpiration="true" cookieless="UseCookies" timeout="180" loginUrl="Login.aspx" defaultUrl="Default.aspx" name=".ASPXVEWPAUTH"/>
</authentication>
<authorization>
<deny users="?" />
</authorization>
Login.aspx:
/**Auth logic in button click**/
FormsAuthentication.RedirectFromLoginPage(username, false);
The Login.aspx and Default.aspx pages both live in the root of the application.
Every time I login it redirects me back to the login page. If I just go straight to Default.aspx, it redirects me to the login page as it should, puts Default.aspx into the returnUrl query string as it should, then when I login it redirects me back to Login.aspx with no query string. If I try to login again, with no query string, it still just goes back to Login.aspx.
If I change defaultUrl to a page outside of the root, it redirects fine, no problem.
If I change FormsAuthentication.RedirectFromLoginPage(username, false); to just Response.Redirect("Default.aspx");, the redirect still doesn't work.
If I change <deny users="?" /> to <allow users="?" />, I can load Default.aspx just fine by going directly to it, but the redirect still doesn't work.
I'm at a complete loss here. I've never seen this behaviour before and I'm out of ideas to try. Why won't it let me redirect to a page inside the root of the application? Any help is greatly appreciated.
