• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1263
  • Last Modified:

This property cannot be set for anonymous users - Problem assigning Profile properties when user should be authenticated. ASP.NET

Hi Experts

I am trying to set a LastLoggedIn Profile Property at the point a user is authenticated via a Login Control. I am using the control's LoggedIn event to do this as below:

Protected Sub Login1_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login1.LoggedIn
            Profile.LastLoggedOn = DateTime.Now.ToString()
            Profile.Save()
End Sub

I had assumed that this event was raised once the user had been authenticated, but when I step into this User.Identity.IsAuthenticated is always False and so I get an error saying 'This property cannot be set for anonymous users'. If I remove this code however I am able to logon and pass authentication.

What am I doing wrong?

Many thanks

Stewart
0
digital_soul
Asked:
digital_soul
  • 3
  • 3
1 Solution
 
carlnorrbomCommented:
Hi,

Have you put the Login control inside a LoginView control? If so that logic will certainly break, might break otherwise as well. Since You haven't posted any code related to the actual Login control I can't tell whether you have set the DestinationPageUrl property or not (i.e. DestinationPageUrl="~/Login.aspx") but I would expect you are posting back to the same page?!? The problem when using the LoginView control for instance is that as soon as the Login control posts back it will not be rendered inside the LoginView as it normally sits in the Anonymous template. What set the DestinationPageUrl property to the page itself and put the logic to update the profile object in the page load event instead such as:

#####Markup:

<form id="form1" runat="server">
<div>
    <asp:LoginView ID="LoginView1" runat="server">
        <AnonymousTemplate>
            <asp:Login ID="l1" runat="server" DestinationPageUrl="~/Login.aspx">
            </asp:Login>
        </AnonymousTemplate>
        <LoggedInTemplate>
            <asp:LoginStatus ID="ls1" runat="server" /><br />
            You are logged in as: <asp:LoginName id="ln1" runat="server" />
        </LoggedInTemplate>
    </asp:LoginView>
</div>
</form>

#####Code:

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
        If Not Page.IsPostBack Then
            If User.Identity.IsAuthenticated Then
                Profile.LastLoggedOn = DateTime.Now.ToLongDateString()
                Profile.Save()
            End If
        End If
    End Sub

The above works just fine for me.

/Carl.
0
 
digital_soulAuthor Commented:
Hi

This still doesn't work. If user browses to Index.aspx and is not authentiocated then they are automatically passed to login.aspx. From there I have the following control

<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Login.aspx">
</asp:Login>

and in the code behind

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not Page.IsPostBack Then
            If User.Identity.IsAuthenticated Then
                Profile.LastLoggedOn = DateTime.Now.ToString()
                Profile.Save()
            End If
        End If
    End Sub

However, when I step into this User.Identity.IsAuthenticated always is still False, even though the user is then passed back to Insex.aspx authenticated and logged in.
0
 
carlnorrbomCommented:
Hi,

Well, as i said in the previous post, if you post back to a different url you will never get the user authenticated during the postback to login.aspx. Put the logic in the Page_Load event of Index.aspx instead, there the user will be authenticated and You will get the same result!

/Carl.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

 
digital_soulAuthor Commented:
But there is no guarantee that index.aspx will be the most appropriate URL to forward to. Depending on the user they might request one of any numbher of pages and, if not authenticated, be redirected to login.aspx. Ideally they should then be redirected to whatever page it was they originally requested. Does this mean I have to put this code into the onLoad event of every page? Also a full page refresh would then cause the profile property to be updated would it not? Are you saying there isn't a single event that I can tap into that occurs once the user is authenticated and update the profile properties at that point?
0
 
carlnorrbomCommented:
Hi,

Well, the problem is that you are redirecting while trying to tap into an event of a control of the page you are leaving. I would assume if you added a timeout to the redirection and had your own logic for this it would work. You will notice if you just for testing purposes take away the redirect and put a "If User.IsAuthenticated" clause in the page_load event of login.aspx that indeed when the page performs the full postback it will evaluate to true! So my suggestion would be to temporarily "halt" the redirection and display a message to the user for a couple of seconds or so and then proceed with the redirection to whatever url they should be directed to.

/Carl.
0
 
digital_soulAuthor Commented:
Thanks. I ended up just overriding the ReturnUrl parameter and writing some redirect logic based on the authenticated users role.

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not Page.IsPostBack Then
            If User.Identity.IsAuthenticated Then
                Profile.LastLoggedOn = DateTime.Now.ToString()
                Profile.Save()
                If User.IsInRole("Accounts") Then
                    Response.Redirect("~/WebForms/Accounts.aspx")
                Else
                    Response.Redirect("~/WebForms/General.aspx")
                End If
            End If
        End If
    End Sub

Protected Sub Login1_LoggedIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login1.LoggedIn
        Response.Redirect(Login1.DestinationPageUrl)
End Sub
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now