Solved

url redirect

Posted on 2009-07-01
14
224 Views
Last Modified: 2012-05-07
I have a redirect that sends people to the loging page if they haven't logged in yet or their login session variable is null or = 0

But...lets sya they have a page in favorites...or anywhere for that matter and they paste it into the browser...

How do I do a redirect to THAT page on login instead og login>home.aspx?
0
Comment
Question by:lrbrister
  • 5
  • 5
  • 2
  • +2
14 Comments
 
LVL 41

Expert Comment

by:guru_sami
ID: 24755331
You should use FormsAuthentication and deny anonymous user access to your site.
This has to be done in your root web.config.

What kind of authentication your are using ...any more info?
0
 
LVL 15

Expert Comment

by:mohan_sekar
ID: 24755332
You cannot unless the page is static...meaning, the page doesn't require any authentication.
0
 

Author Comment

by:lrbrister
ID: 24755380
Hey guys...

This is the authentication info in the web.config

<authentication mode="Forms">
      <forms name="Login" loginUrl="Default.aspx" protection="All" path="/" timeout="30" cookieless="UseCookies" />
    </authentication>
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 24755403
Add this to your web.config
<authorization>
<deny users="?"/>
</authorization>

This will force everyone who is not logged-in to go to your loginUrl="Default.aspx"
0
 
LVL 13

Expert Comment

by:crazyman
ID: 24755611
Your login url will have a querystring parameter passed in called ReturnURL.

After auth you can call FormsAuthentication.RedirectFromLoginPage to redirect to originally requested page.

http://msdn.microsoft.com/en-us/library/ka5ffkce.aspx
0
 
LVL 6

Expert Comment

by:M3mph15
ID: 24782343
Hi,

Check for the login session variable. If there isnt one (or null) save the url of the page they are currently at into another session variable.

Then when they log in check for that second session variable containing the url. If it exists then redirect to that page, if not redirect to home.aspx.

HTH
-M3mph15
0
 

Author Comment

by:lrbrister
ID: 24783941
M3mph15:
How do I save the url of the page they are at?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 41

Expert Comment

by:guru_sami
ID: 24785573
can you share the code where you are authenticating the user and redirecting them to home page.
Are you using asp.net Login control ? If so share the markup for that control as well.
0
 

Author Comment

by:lrbrister
ID: 24785688
guru_sami:
I have the web.config code above.  Anyone that clicks on a saved link gets redirected to Default.aspx if their session("logged") isn't = 1

What I want is a method so that if someone saves "http://www.mydomain.com/memberHome.aspx" in their favorites...

They click on that and when the page loads...capyures that links url and saves as Session("fromUrl")

Once they login I'll simply have them redirected to that url...if it exists...or to the default home page if it doesn't exist.
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 24785880
Yes...I understand the problem...but looks we need to know how you are setting FormsAuthentication Cookie and why the FormsAuthenticaiton is redirecting you to defaultUrl and not the ReturnUrl.
So if you can share your authentication code and Login Markup(if using login control) we might get more idea to help you solve the problem.
0
 
LVL 6

Expert Comment

by:M3mph15
ID: 24790702
Dim url As String = Request.Url.ToString
Session.Add("Redir", url)
0
 

Author Comment

by:lrbrister
ID: 24812978
Ok folks...per guru_sami

When anyone comes to our site they arte automatically redirected to the login page...

See the attached snippets...
--PAGE LOAD EVENT--

Protected Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

        If Not IsPostBack Then

            lblMessage.Visible = False

            If Not IsPostBack Then

                If Not Request.Cookies("InfinityUserName") Is Nothing Then

                    strUserName.Text = Request.Cookies("InfinityUserName").Value.ToString

                    cbRememberMe.Checked = True

                    strPassword.Focus()

                Else

                    strUserName.Text = ""

                    cbRememberMe.Checked = False

                    strUserName.Focus()

                End If
 
 

            End If

        End If

    End Sub
 

--Bottom of login click---

Session("IndividualLevelType") = I.IndividualLevelType

                Session("IndividualLevelTypeCode") = I.IndividualLevelTypeCode

                Session("IndividualLevelTypeID") = I.IndividualLevelTypeID

                Session("LanguageTypeID") = I.LanguageTypeID

                Session("ExternalID") = I.ExternalID

                Session("DefaultHotel") = I.DefaultHotel

                Session("FirstName") = I.FirstName

                Session("LastName") = I.LastName

                Session("EmailAddress") = I.EmailAddress

                Session("DateAdded") = I.DateAdded

                Session("MemberSinceMonths") = I.MemberSinceMonths
 

                Dim ex As New Experiences

                ex.SelectExperiencesCommaRemoveIndividual(0, "", 0, "1", Session("IndividualExperienceID"))

                Session("ExperienceIDComma") = ex.ExperienceIDComma
 

                If cbRememberMe.Checked Then

                    Dim c As New HttpCookie("InfinityUserName", Trim(strUserName.Text))

                    c.Expires = DateTime.Now.AddYears(1)

                    HttpContext.Current.Response.Cookies.Add(c)

                Else

                    Dim c As New HttpCookie("InfinityUserName", strUserName.Text)

                    c.Expires = DateTime.Now().AddYears(-2)

                    Response.Cookies.Add(c)

                End If
 

                If ResetPassword = True Then

                    Response.Redirect("RegistrationWelcome.aspx")

                Else

                    Response.Redirect("MemberHome.aspx")

                End If

Open in new window

0
 
LVL 41

Accepted Solution

by:
guru_sami earned 500 total points
ID: 24814339
Looks your application is not taking full advantage of FormsAuthentication.
1: Adjust your authentication and authorization sections in web.config to look like this:

<authentication mode="Forms">
      <forms name="Login" loginUrl="Default.aspx" defaultUrl="MemberHome.aspx" protection="All" path="/" timeout="30" cookieless="UseCookies" />
    </authentication>
<authorization>
<deny users="?"/>
</authorization>

2: Now say we don't want to break you current working application. So we will simply add FormsAuthenticationCookie(FAC) without removing any of your code. Once thats working we can make adjustment to remove some of your code that would be redundant due to addition of FAC.

If cbRememberMe.Checked Then
                    Dim c As New HttpCookie("InfinityUserName", Trim(strUserName.Text))
                    c.Expires = DateTime.Now.AddYears(1)
                    HttpContext.Current.Response.Cookies.Add(c)
                Else
                    Dim c As New HttpCookie("InfinityUserName", strUserName.Text)
                    c.Expires = DateTime.Now().AddYears(-2)
                    Response.Cookies.Add(c)
                End If
                 ------Adding FormsAuthenticationCookie-------
            Dim username As String      = strUserName.Text    'your username text
            Dim issuedDate As DateTime =  DateTime.Now  'cookie issued date
            Dim expirationDate As DateTime = DateTime.Now.AddMinutes(30), 'ExpirationDate
            Dim isPersistent As Boolean = cbRememberMe.Checked  'Remember Me Checkbox value
            Dim userData As String = "UserData"  'could be anything or even String.Empty

   
      Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
        username, _
        issuedDate , _
        expirationDate, _
        isPersistent, _
        userData, _
        FormsAuthentication.FormsCookiePath)

      ' Encrypt the ticket.
      Dim encTicket As String = FormsAuthentication.Encrypt(ticket)

      ' Create the cookie.
      Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))

    ------End of FAC--------------
   ----Some modification in below redirect check ------
                If ResetPassword = True Then
                    Response.Redirect("RegistrationWelcome.aspx")

-----Check if ReturnUrl is not null then redirect them to their requested page

                Else If Request.Params("ReturnUrl") IsNot Nothing Then
                    Response.Redirect(Request.Params("ReturnUrl").ToString )
               Else
                    Response.Redirect("MemberHome.aspx")
                End If

Now set breakpoints while you debug and let us know the result.
Ref:
http://msdn.microsoft.com/en-us/library/system.web.security.formsauthenticationticket.aspx
0
 

Author Closing Comment

by:lrbrister
ID: 31598802
Great!  Thanks
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now