Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 518
  • Last Modified:

Multiple login pages for a single application

Is it possible to have multiple login pages for a single application in .NET?  

i.e. we have a website that could share users/logins across the site.  However, subsections (folders) act as mini apps within the site.  Users have roles to some of the mini-apps and not to others.  We would like it when a user accesses a mini-app to have a login page that is styled as part of the mini-app - rather than breaking the style out to the main site login page.  But the credentials/login/etc all should be the same (i.e. a single forms authentication ticket)

We were hoping not to have to break the site into a bunch of applications - hence the reason for this post, but we may go that route if necessary.
0
mrichmon
Asked:
mrichmon
  • 3
  • 2
  • 2
  • +1
1 Solution
 
mrichmonAuthor Commented:
Or a way to style the login page based on where the login redirect came from?
0
 
ICaldwellCommented:
It is possible but to maintain this would be time consuming... It would be better to make a generic login page for all the applications, pass across the redirecting URL so once the user logs in they get redirected back to the application they came from instead of going back to a main page....

We do this at our company for the pages, this means users do not need to go back to where they were after logging in...
0
 
RameshSCommented:
Basically you can set only one url for Forms Authentication in asp.net. However, if you want to display different Login pages to different users, you could achieve it indirectly. Since we don't know the role before the user login, we can take advantage of the request URL. For example, if the user request "http:\\www.xx.com\Admin\Info.aspx", you could display the Login page in Admin directory.  The steps are explained by Wencui Qian - MSFT in the following link. Please refer it.
multiple login page for forms authentication
Someother helpful links.
How to override/change FormsAuthentication LoginUrl in certain cases
Multiple signin pages in one asp.net application
 
 
 
 
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
mrichmonAuthor Commented:
Thanks for the links I will try it out and get back...
0
 
shrinivasmwCommented:
1. Yes, You can do it by having multiple web.config files in your application
or
2nd approach is

Based on the requested URL, you can know which Login page should be redirected to. For instance:

Use a general Login page in the root of the web site - actually, you can put nothing in this Login page, it's just a middle page. In the Page_Load event, you have to parse the requested URL.

protected void Page_Load(object sender, EventArgs e)
{
     char[] chs = {'/'};
     string[] strs = Request["ReturnUrl"].Split(chs);

     if (strs[1] == "Admin")
     {
          Response.Redirect(@"\Admin\Login.aspx");
     }
     else if(strs[1] == "Users")
     {
          Response.Redirect(@"\Users\Login.aspx");
     }
}
 
In order to redirect to the two Login pages, you should set Location in the two subdirectories to allow anonymous access. For instance:
<configuration>

  <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>
 
</configuration>

Let me know if it works and solvs your problem....
protected void Page_Load(object sender, EventArgs e)
{
     char[] chs = {'/'};
     string[] strs = Request["ReturnUrl"].Split(chs);

     if (strs[1] == "Admin")
     {
          Response.Redirect(@"\Admin\Login.aspx");
     }
     else if(strs[1] == "Users")
     {
          Response.Redirect(@"\Users\Login.aspx");
     }
}

In order to redirect to the two Login pages, you should set Location in the two subdirectories to allow anonymous access. For instance:  
And following is web.config setting required

<configuration>

  <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
  </location>
  
</configuration>

Open in new window

0
 
shrinivasmwCommented:
BEST WAY is to HAVE only 1 LOGIN page for application. And depending on ROLE/PERMISSIONS/ETC. redirect user to respective login page.
0
 
ICaldwellCommented:
I like one simple clean login page that redirects accordingly.....  Less coding, cleaner design, easy to maintain...
0
 
mrichmonAuthor Commented:
I ended up using a single login page that used this concept to appear to be each child application's login page by including the appropriate controls.

Now it is transparent that they are on the same login page - it looks like each separate app.

Thanks for the links they helped.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now