ASP:Login Not Authenticating

I am currently learning form authentication using a SQLMembership provider. The ASP:Login control does not seem to authenticate. Here is the structure of my test site on my local machine:

~/LoginTest/
  Default.aspx
  CreateUser.aspx
  lostpassword.aspx
  web.config
  /login/
    Login.aspx
    ProtectedStuff.aspx
    web.config

In the web.config file of the LoginTest folder I have added the following nodes:

  <connectionStrings>
    <add name="EvgSqlConnection" connectionString="connection string" />
  </connectionStrings>

  <authentication mode="Forms">
    <forms name="LoginTest" loginUrl="~/login/Login.aspx" path="/login"
      cookieless="UseCookies" />
  </authentication>


  <membership defaultProvider="mySqlProvider" userIsOnlineTimeWindow="15">
    <providers>
      <clear/>
      <add
        name="mySqlProvider"
        type="System.Web.Security.SqlMembershipProvider"
        connectionStringName="EvgSqlConnection"
        applicationName="LoginTest"
        enablePasswordRetrieval="false"
        enablePasswordReset="true"
        requiresQuestionAndAnswer="true"
        requiresUniqueEmail="true"
        passwordFormat="Hashed" /> 
    </providers>
  </membership>


  <roleManager enabled="true" defaultProvider="mySqlRoleProvider" cacheRolesInCookie="true" cookieProtection="All">
    <providers>
      <clear/>
      <add name="mySqlRoleProvider" applicationName="LoginTest" connectionStringName="EvgSqlConnection"
           type="System.Web.Security.SqlRoleProvider"/>
    </providers>
  </roleManager>

In the web.config in the login folder I have the following:

<configuration>
  <appSettings/>
  <connectionStrings/>
  <system.web>
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>
  </system.web>
</configuration>

So what this is supposed to do from what I have read is deny users access to anything in the login folder. In this case my test file is ProtectedStuff.aspx which is nothing more than a page with a label. What is currently happening is that everything seems to work except the ASP:Login control. I can currently create a new user with the ASP:CreateUserWizard on CreateUser.aspx. I can recover a new password using the question and answer set up using the ASP:PasswordRecovery control on lostpassword.aspx. I can enter the correct name and password in the ASP:Login control on Login.aspx. The only thing that doesn't seem to work is the actual authentication. Whenever I try to go to ProtectedStuff.aspx it kicks me back to Login.aspx like it is supposed to when you are not authenticated. Further, I can enter the wrong user name or wrong password and the Login control complains. I can see my user in the website administration page, I can see that the user is assigned a role.

There is no custom code behind any of these controls, all I have done is copied in the SqlProvider name into the MembershipProvider attribute of these controls. SQL S开发者_运维技巧erver 2000 is configured with an NT AUTHORITY\Network Service user that has aspnet_Membership Full Access checked. the config files seem to be okay, all the controls seem to be able to read and write to the database correctly, only the Login control doesn't seem to authenticate the user. What else should I be looking for?

I'd start by removing the path attribute from your Forms element:

Specifies the path for cookies issued by the application. The default value is a slash (/), because most browsers are case-sensitive and will not send cookies back if there is a path case mismatch.

If that still fails, I'd get hold of Fiddler and see what cookies are being sent back to the client and to the server after logging in.