?
Solved

RedirectFromLoginPage not working...

Posted on 2009-02-13
6
Medium Priority
?
786 Views
Last Modified: 2012-05-06
Hi,

I seem to have hit a wall with this one and id be grateful for any help.

I have the following code AFTER a user is authenticated:

        If Request.QueryString("ReturnURL") = Nothing Then
            Response.Redirect("main.aspx")
        Else
            FormsAuthentication.RedirectFromLoginPage(txb_User.Text, True)
        End If

Without touching the <authorization> section of the web.config I understand that by default you get:

  <authorization>
      <allow users="*" />
  </authorization>

However, if an unauthenticated user attempts to view a page they are NOT redirected to the login page.

Adding the following has a different affect:

  <authorization>
      <deny users="?" />
  </authorization>

The above example has a strange behaviour - it redirects an unauthenticated user to the login page WITH a ReturnURL BUT..........when a user is authenticated (correctly) on the login page they are redirected back to .... the login page! (with a ReturnURL).

Logging in the 2nd time redirects you to the desired home page.

Not really sure what I have done :P but I am confused now.

The other part of my web.config is as follows:

<authentication mode="Forms">
    <forms name=".iMedia" loginUrl="index.aspx" defaultUrl="index.aspx"  timeout="999" protection="All" path="/" slidingExpiration="True"/>
</authentication>

I would like for unauthenticated users who access a secure page to be redirected to the login page with a ReturnURL.

And to be able to login successfully first time!

Please note that I am not using ASP.NET Membership, but my own database authentication method.

thanks.

ks
0
Comment
Question by:Ramesh Srinivas
  • 3
  • 2
6 Comments
 
LVL 10

Expert Comment

by:MaxOvrdrv2
ID: 23634260
why not just do this instead:

If Request.QueryString("ReturnURL") = Nothing Then
            Response.Redirect("main.aspx")
Else
           Response.Redirect(txb_User.Text)
           OR
           Response.Redirect(Request.QueryString("ReturnURL"))
End If

Since you have already authenticated the user... why even bother dealing with the forms authentication object to redirect your user?

Cheers!
0
 
LVL 11

Author Comment

by:Ramesh Srinivas
ID: 23634881
Hi,

Unfortunately that does not make any difference, the behaviour stays the same.

The problem is that when <deny users="?" /> is included the following redirect does not work 1st time on initial log in:

           Response.Redirect("main.aspx")

And if I leave this out, then unauthorized page requests will not be redirected to the login page.

thx.
0
 
LVL 41

Accepted Solution

by:
guru_sami earned 2000 total points
ID: 23634887
Hoping you are putting this code inside another IF correct...
like
if Authenticated The
     YourCode..
End IF

rI just made some changes to your code...try that:

If Request.Params("ReturnUrl") IsNot Nothing Then 
    FormsAuthentication.RedirectFromLoginPage(txb_User.Text, False) 
Else 
    FormsAuthentication.SetAuthcookie(txb_User.Text, False) 
    Response.Redirect("main.aspx") 
End If 

Open in new window

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 11

Author Comment

by:Ramesh Srinivas
ID: 23635052
Hi sami,

Thanks for your response.

That appears to be working - i will give you an update after some testing.

Is there anything i need to do with the cookie when signing out?

thanks.
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 23635121
If you are using LoginStatus Control .... basically no.
But to be on safer side ...call to these two methods should work.

Session.Abandon()
FormsAuthentication.SignOut()
0
 
LVL 11

Author Closing Comment

by:Ramesh Srinivas
ID: 31546648
Sorry for the late reply, but yes, it seems to be working fine.

Thank you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have developed many web applications with asp & asp.net and to add and use a dropdownlist was always a very simple task, but with the new asp.net, setting the value is a bit tricky and its not similar to the old traditional method. So in this a…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question