Jim,

>I am using a masked (a.k.a. stealth) URL for a website. [NO, it is not used for SPAM or unsolicited mail!] My home page "default.aspx" is located in application folder "main". My masked URL is for example "www.def.com".
>
>For example: if my domain name is "www.abc.com" then the home page is at www.abc.com/main/default.aspx and my masked URL www.def.com forwards automatically to www.abc.com/main. Up to this point everything is working fine.
>
>Now, when I set the default.aspx page "RequiresSecurity" property to true and I don't use the masked URL (I type in: "www.abc.com/main"), then everything is still working OK, i.e. I am being directed to the User Login screen and after a successful login I am forwarded to default.aspx. However, when I use my masked URL www.def.com, then the login screen does not forward me to default.aspx, but comes right back and prompts me for my username and password again.
>
>I know that UserLogin.aspx is talking to the database, because when I type in an incorrect username/password combination, I am getting the "Invalid User ID and Password" message and when I type in a correct combination, I don't get any message.

I'm not sure what's going on, but I recommend setting a breakpoint in mmBaseUserLogin.Login() to see what's happening with the redirection.

Regards,