Solved

different destinations for FormsAuthentication.RedirectFromLoginPage

Posted on 2011-02-17
8
484 Views
Last Modified: 2012-05-11
I have my login page which uses formsauthentication and uses FormsAuthentication.RedirectFromLoginPage

The problem is that dependant on the user that logs in I want to redirect to different pages.

The user information is stored in a database an a user will be linked to different profiles etc.

I was thinking about just redirecting to an aspx page that does this work, so go to the database and get user details then a select case to do the different redirects.

Is there anyway I can set the formasautthentication redirect page rather than having to do my idea?
0
Comment
Question by:scm0sml
  • 4
  • 4
8 Comments
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34915913
Hi scm0sml,

In below article,
http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.getredirecturl%28v=vs.80%29.aspx

See following code snippet, and add your logic where I have put comment in bold.

     
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

      // Encrypt the ticket.
      string encTicket = FormsAuthentication.Encrypt(ticket);

      // Create the cookie.
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
        
[b]      // This will redirect to orginal url user has requested to (like in /login.aspx?ReturnUrl=caller.aspx, caller.aspx is the redirect url).
      // You can fetch database url here and redirect user to specific based on their config[/b]
      // Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));

Open in new window

 
 
Thanks,
netswap
0
 

Author Comment

by:scm0sml
ID: 34917444
Thanks for that.

The way I want it to work is:
 If HelperGeneral.AuthenticateUser(lgIndex.UserName, lgIndex.Password) Then

                loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)
                Session("UserID") = loggedInUser.UserID

                Select Case loggedInUser.Profile.ProfileTypeID
                    Case Common.ProfileStatus.AccountsPayable
                        'direct to one link
                    Case Common.ProfileStatus.Import
                        'direct to another link
                    Case Common.ProfileStatus.RevenueControl
                        'direct to or another link
                End Select

            Else
                divTrouble.Visible = True
            End If

So as you can see we check the profile of a user and dependat on that want to redirect to specific pages.

How would your method fit into that?
0
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34917674
Hi scm0sml,

      Can you please post full code, You have mentioned that you are using forms authentication and FormsAuthentication.RedirectFromLoginPage(). From above code snippetI am not able to figure out where you have used forms authentication?

     
Thanks,
Netswap.
0
 

Author Comment

by:scm0sml
ID: 34917740
basically this is all i have at the moment because im testing and dont want to have to put a password in each time etc. The rest of the code is just commented in at the mo.

loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)

            Session("UserID") = loggedInUser.UserID

            FormsAuthentication.RedirectFromLoginPage(lgIndex.UserName, lgIndex.RememberMeSet)

So from that I need my example above working but redirecting to different pages under each case staement.

Make sense?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 16

Accepted Solution

by:
Swapnil Piparia earned 500 total points
ID: 34917941
Hi scm0sml,

           Then do following, use you code instead of FormsAuthentication.RedirectFromLoginPage(lgIndex.UserName, lgIndex.RememberMeSet)
loggedInUser = HelperGeneral.GetUser(lgIndex.UserName)

Session("UserID") = loggedInUser.UserID    

Dim userData As String = "ApplicationSpecific data for this user."

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,  
        loggedInUser,  
        DateTime.Now,  
        DateTime.Now.AddMinutes(30),  
        isPersistent,  
        userData,  
        FormsAuthentication.FormsCookiePath)
  
      // Encrypt the ticket.  
      string encTicket = FormsAuthentication.Encrypt(ticket)
  
      // Create the cookie.  
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
     Select Case loggedInUser.Profile.ProfileTypeID
                    Case Common.ProfileStatus.AccountsPayable
                        'direct to one link
                    Case Common.ProfileStatus.Import
                        'direct to another link
                    Case Common.ProfileStatus.RevenueControl
                        'direct to or another link
                     Case Else 
                               Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)) 
                   End Select

Open in new window

0
 

Author Comment

by:scm0sml
ID: 34917973
OK so your code has created an auth ticket that means the user is now authenticated yes?

And I just do a normal response.redirect to my pages and they will be authorised to view pages........

Correct?
0
 
LVL 16

Expert Comment

by:Swapnil Piparia
ID: 34918882
Right.
0
 

Author Comment

by:scm0sml
ID: 35037067
Just an update on this, the re-driect is working fine but I am not sure the security is working properly. Apolgoies for the delay, will get back to you asap!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now