?
Solved

Asp.net IsAuthenticated

Posted on 2009-05-01
15
Medium Priority
?
687 Views
Last Modified: 2013-11-26
Using forms authentification, when a user is not logged in to the web site the code below can be used on the page load event to redirect them to the login page.

Question is do I have to add this on each page or can I do this in one place and instead add pages that dont need a logged in status to be viewed(like the start page, login page).

Thanks

 
If User.Identity.IsAuthenticated = False Then
            Response.Redirect("Login.aspx")
        End If

Open in new window

0
Comment
Question by:SNilsson
15 Comments
 
LVL 9

Expert Comment

by:VikramMullick
ID: 24277235
You can use a master page or user control,  then you need not use it in everyplace.
0
 
LVL 5

Expert Comment

by:roxviper
ID: 24277292
You can make a class with this function and you can call it in the masterpage . If you don't use a masterpage , yes , you have to call it in everypage . Recomandation : Use masterpages ( more about them look here http://www.asp.net/Learn/master-pages/)
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24277418
Use FormBased Authentication and declare the Login.aspx as Login Url in web.config. The users will be redirected to the Login page whenever the application finds they are not authenticated.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 8

Author Comment

by:SNilsson
ID: 24277514
I do use masterpage and yes the section:
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" />
    </authentication>
..is there allready.
But I can still go to any page without being loged in, besides I need to have a few pages that are open for all.

So if I want to use the master page to do this how would the code look like and in what event in masterpage, same thing as I did on the single page?.
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24277549
can you post the web.config file. I would like to check the <authorization> section.
0
 
LVL 8

Author Comment

by:SNilsson
ID: 24277621
There is no authorization section, only authentication, membership , roleManager and profile sections (except for non related like connectionStrings and such).
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24277650
Try adding <authorization> in web.config

<authentication mode="Forms">
      <forms loginUrl="~/Login.aspx"></forms>
    </authentication>

    <authorization>
      <allow users="*"/>
      <deny users="?"/>
    </authorization>
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24277675
Also you have mentioned that you need to allow anonymous access to certain pages.

Create a folder. for ex. "Folder1" and include the following section in web.config just before </configurations>

  <location path="Folder1">
      <system.web>
         <authorization>
            <allow users="?,*"/>
         </authorization>
      </system.web>
   </location>

If you wan't for any individual files you have to create individual <location> tag to the path specifying the filenames.
0
 
LVL 8

Author Comment

by:SNilsson
ID: 24277691
No joy,
I can still access different pages without being logged in, I do the debug on the VS provided browser, but it should work there to without having to publish it to IIS.
0
 
LVL 8

Author Comment

by:SNilsson
ID: 24277704
Thanks for the location tip, will try that once I get the deny thingy to work
0
 
LVL 14

Expert Comment

by:GiftsonDJohn
ID: 24277714
Please post the full web.config. Let me have a check
0
 
LVL 8

Author Comment

by:SNilsson
ID: 24277746
I went to the ASP.net configuration site, it added the:
    <authorization>
      <deny users="?" />
    </authorization>

..section and now it seems to work, will try the 'location' thingy also, I'll be back soon.

Maybe it was that the '<allow users="*"/>' should be below deny I guess the order is important, if its needed at all in this case that is since everything thats not = ? is a logged in user.
0
 
LVL 14

Accepted Solution

by:
GiftsonDJohn earned 1000 total points
ID: 24277763
cool :-)
0
 
LVL 8

Author Comment

by:SNilsson
ID: 24277883
I went with making the whole site allowed for anonymous users (since the permissions are inherited) and made a folders for member where I have the pages needing login.

This is working fine, strange thing is that there is no <authorization> or <location path> section in web.config, I guess this is stored in the sql server db using the <roleManager>.

Comfirm if you know it works like that please.

Thanks for your help
0
 
LVL 8

Author Closing Comment

by:SNilsson
ID: 31576794
Thanks
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
In real business world data are crucial and sometimes data are shared among different information systems. Hence, an agreeable file transfer protocol need to be established.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question