[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5884
  • Last Modified:

asp.net / c# login page -- coordinating a session variable update against authenticated asp user

Development platform: c# asp.net 2.x, Visual Studio Pro utilising Web Developer, IIS6, SQL 2005 server.

Want to create a local session variable once a user has successfully logged in.

The login scripts are the standard simple asp.net login control, within its in own login.aspx page.

I have tried to insert the session variable update at the point of pressing the login button -- but the session variable is not being updated.

The session variable scripting is fine -- i.e. you can put that on another page and force (ie. hardcode) a value to be inserted into session variable (instead of checking the following asp.net variable :  Page.User.Identity.Name at time of logging in).

Perhaps this is not picking up the user identity successfully because the log in page is still processing the request and the page still does not know that a user is authenticated at time of the session variable update being run.

Your thoughts are much apprieated on this.

Thank you in advance for your time and efforts with this enquiry.
0
amillyard
Asked:
amillyard
  • 4
  • 4
1 Solution
 
surajgupthaCommented:
Login page indicates that you are using form's authentication.
In IIS have you enabled anonymous access?
0
 
surajgupthaCommented:
You might also be interested in this
http://www.eggheadcafe.com/articles/20050703.asp
0
 
amillyardAuthor Commented:
Yes, I am using the form's authentication (internet-based, i.e. not windows)

IIS does have 'anonymous access' enabled ... but only the root directory is available.   The other directories have been locked-down via asp.net security, to allow only authenticated users.

the reason the iis is set this way is so any user can at least get to see the initial login page (otherwise there is a windows style pop-up frame, requesting for a username and password to enter site.

under the normal circumstances -- this login page is working and authentication is working fine also -- its just that I am trying to update a session variable as soon as possible whena known logged in user credentials have been approved.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
surajgupthaCommented:
I think once the user has been authenticated, you should take the username from the textbox and store it to the session. In my opinion using Page.User.Identity.Name would only return the windows identity or nothing when anonymous login is enabled.
0
 
amillyardAuthor Commented:
ok, noting that we are still talking the login.aspx page -- login form scripting (so if you drag and drop this control will essentially have the same as what I am using (except for cosmetic appearance !)

where do I intercept (before the page is then moved away from the login.aspx page) the process, and insert the update session scripting?

I tried the form login button (i.e. double-clicked on button to create a blank procedure) -- but I think this where I was going wrong, as this the code I am adding is most likely being processed to early by iis.  Is there another opportunity to place the code before page moves away?
0
 
amillyardAuthor Commented:
have thought some more on what you were saying about using the textbox field variable... that will work as well .. irrespective if the user is authenticated or not... as if not authenticated, the user has to keep updating that text box field until allowed through login stage -- which means that even if the genuine authenication happens slightly after the session variable has been updated -- the timing is slightly irrelevant due to this only being a local session variable (i.e. unique to the web user).  if we were updating an application variable -- this process would not be recommended I suspect as a global variable on the iis server.

will give this a go now.

...but I would still like to know if there is a 'last minute' option still to action code before a page changes to the next web-page.
0
 
amillyardAuthor Commented:
I am getting the following error as follows:

The name 'UserName' does not exist in the current context

how do I modify the below script to be able to read the textbox variable?  (this is the standard login control)


protected void LoginButton_Click(object sender, EventArgs e)
        {
            if (UserName.Text == "abc")
            {

            }
}

0
 
surajgupthaCommented:
>> Check this out, this article clearly explains how to get the user name after authentication by adding a event handler to OnLoggedIn

http://www.codeproject.com/useritems/Remember_me_next_time.asp
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now