Solved

different destinations for FormsAuthentication.RedirectFromLoginPage

Posted on 2011-02-17
8
485 Views
Last Modified: 2012-05-11
I have my login page which uses formsauthentication and uses FormsAuthentication.RedirectFromLoginPage

The problem is that dependant on the user that logs in I want to redirect to different pages.

The user information is stored in a database an a user will be linked to different profiles etc.

I was thinking about just redirecting to an aspx page that does this work, so go to the database and get user details then a select case to do the different redirects.

Is there anyway I can set the formasautthentication redirect page rather than having to do my idea?
0
Comment
Question by:scm0sml
  • 4
  • 4
8 Comments
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34915913
Hi scm0sml,

In below article,
http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.getredirecturl%28v=vs.80%29.aspx

See following code snippet, and add your logic where I have put comment in bold.

     
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

      // Encrypt the ticket.
      string encTicket = FormsAuthentication.Encrypt(ticket);

      // Create the cookie.
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
        
[b]      // This will redirect to orginal url user has requested to (like in /login.aspx?ReturnUrl=caller.aspx, caller.aspx is the redirect url).
      // You can fetch database url here and redirect user to specific based on their config[/b]
      // Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));

Open in new window

 
 
Thanks,
netswap
0
 

Author Comment

by:scm0sml
ID: 34917444
Thanks for that.

The way I want it to work is:
 If HelperGeneral.AuthenticateUser(lgIndex.UserName, lgIndex.Password) Then

                loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)
                Session("UserID") = loggedInUser.UserID

                Select Case loggedInUser.Profile.ProfileTypeID
                    Case Common.ProfileStatus.AccountsPayable
                        'direct to one link
                    Case Common.ProfileStatus.Import
                        'direct to another link
                    Case Common.ProfileStatus.RevenueControl
                        'direct to or another link
                End Select

            Else
                divTrouble.Visible = True
            End If

So as you can see we check the profile of a user and dependat on that want to redirect to specific pages.

How would your method fit into that?
0
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34917674
Hi scm0sml,

      Can you please post full code, You have mentioned that you are using forms authentication and FormsAuthentication.RedirectFromLoginPage(). From above code snippetI am not able to figure out where you have used forms authentication?

     
Thanks,
Netswap.
0
 

Author Comment

by:scm0sml
ID: 34917740
basically this is all i have at the moment because im testing and dont want to have to put a password in each time etc. The rest of the code is just commented in at the mo.

loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)

            Session("UserID") = loggedInUser.UserID

            FormsAuthentication.RedirectFromLoginPage(lgIndex.UserName, lgIndex.RememberMeSet)

So from that I need my example above working but redirecting to different pages under each case staement.

Make sense?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 16

Accepted Solution

by:
Swapnil Piparia earned 500 total points
ID: 34917941
Hi scm0sml,

           Then do following, use you code instead of FormsAuthentication.RedirectFromLoginPage(lgIndex.UserName, lgIndex.RememberMeSet)
loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)

Session("UserID") = loggedInUser.UserID    

Dim userData As String = "ApplicationSpecific data for this user."

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,  
        loggedInUser,  
        DateTime.Now,  
        DateTime.Now.AddMinutes(30),  
        isPersistent,  
        userData,  
        FormsAuthentication.FormsCookiePath)
  
      // Encrypt the ticket.  
      string encTicket = FormsAuthentication.Encrypt(ticket)
  
      // Create the cookie.  
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
     Select Case loggedInUser.Profile.ProfileTypeID
                    Case Common.ProfileStatus.AccountsPayable
                        'direct to one link
                    Case Common.ProfileStatus.Import
                        'direct to another link
                    Case Common.ProfileStatus.RevenueControl
                        'direct to or another link
                     Case Else 
                               Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)) 
                   End Select

Open in new window

0
 

Author Comment

by:scm0sml
ID: 34917973
OK so your code has created an auth ticket that means the user is now authenticated yes?

And I just do a normal response.redirect to my pages and they will be authorised to view pages........

Correct?
0
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34918882
Right.
0
 

Author Comment

by:scm0sml
ID: 35037067
Just an update on this, the re-driect is working fine but I am not sure the security is working properly. Apolgoies for the delay, will get back to you asap!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now