Response.Write does not seem to "do anything"

Hi, Experts -
I'm trying to get my first ASP.NET program to behave properly - and have hit a wall. The program is supposed to act as our single sign-on gateway and needs to do 3 things:
1.  Prompt for valid login ID and password;
2.  Validate these values against the Active Directory;
3.  If valid, pass the authenticated login ID to a routine that will encrypt the ID and transfer control to an external site.
The program is stuck at #3.
Here is the default.aspx.cs code that is supposed to perform this transfer:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Text;

namespace SSO
{
    public partial class SSODefault : System.Web.UI.Page
    {
        public new bool Error { get; set; }
        public string ErrorDescription { get; set; }

        protected void Page_Load(object sender, EventArgs e)
        {
        }
        
        // 06-14-12 jtf After UserID is authenticated by AD, pass UserID value to CSOD code
        public void OnLoggedIn(object sender, EventArgs e) 
        {
            Response.Write(GenerateForm(LoginUser.UserName));
        }

        public string GenerateForm(string userId)
        {
            StringBuilder sbForm = new StringBuilder();
            //get base url and all other URLs
            string acct = ConfigurationManager.AppSettings.Get("acct");
            string ssoURL = ConfigurationManager.AppSettings.Get("baseURL");
            string ouId = ConfigurationManager.AppSettings.Get("ouId");
            string logoutURL = ConfigurationManager.AppSettings.Get("logoutURL");
            string timeoutURL = ConfigurationManager.AppSettings.Get("timeoutURL");
            string errorURL = ConfigurationManager.AppSettings.Get("errorURL");
            string destURL = ConfigurationManager.AppSettings.Get("destURL");

            //get the encrypted token
           
            string encryptedToken = WCyberu.GetSecurityToken(acct, userId, string.Empty, logoutURL, timeoutURL, errorURL, destURL);
            if (Error)
            {
                if (!string.IsNullOrEmpty(errorURL))
                {
                    sbForm.AppendLine("<html>").AppendFormat("<body onload=\"window.location.href='{0}';\">", errorURL);
                    sbForm.AppendLine("</body>").AppendLine("</html>");
                }
                else
                {
                    sbForm.AppendFormat("<html><body><p>{0}</p></body></html>", ErrorDescription);
                }
            }
            else
            {
                sbForm.AppendLine("<html>").AppendLine("<body onload=\"document.forms[0].submit();\">");
                sbForm.AppendFormat("<form method=\"POST\" action=\"{0}\">", ssoURL).AppendLine();
                sbForm.AppendFormat("<input type=\"hidden\" name=\"key\" value=\"{0}\"/>", encryptedToken).AppendLine();
                sbForm.AppendFormat("<input type=\"hidden\" name=\"ouid\" value=\"{0}\"/>", ouId);
                sbForm.AppendLine("</form>").AppendLine("</body>").AppendLine("</html>");
            }
            return sbForm.ToString();
            }
    }
}

Open in new window

In debug sessions, I'm able to see the sbForm html that is being returned (see image):sbForm value returnedBut the program seems to ignore the
Response.Write(GenerateForm(LoginUser.UserName));

Open in new window

and simply displays the authenticated login ID (which I added just to make sure the program was doing something).

Help!  I don't know what to do to get this program to work for me...  If I could offer more points, I would.  Thanks so much for any insights you can pass on to me.
LVL 1
OGSanAsked:
Who is Participating?
 
OGSanAuthor Commented:
AHA!  I figured out my problem:  I am using the OnLoggedIn event - and should have left the call in the OnPageLoad event with the code as its own separate site.  Then I should have created a separate page to capture, authenticate, and pass the authenticated value to the separate site.  Will be requesting deletion of this question.
Thanks for the help though!
0
 
Obadiah ChristopherCommented:
Why not use Response.Redirect?

This code will write

<html>... ( the string generated by code)

inside the existing..

<html><form>...
0
 
OGSanAuthor Commented:
Thanks, informaniac - I just tried using Response.Redirect and got this error:
System.ArgumentException: Redirect URI cannot contain newline characters.
Line 22:         public void OnLoggedIn(object sender, EventArgs e)
Line 23:         {
Line 24:             Response.Redirect(GenerateForm(LoginUser.UserName));Line 25:         }
Line 26:
Darn - got me all excited...!  :-)
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

 
Obadiah ChristopherCommented:
Well. You need to pass URL of a page in Response.Redirect.
0
 
OGSanAuthor Commented:
Oh - if this helps...here is what is being returned in the sbForms:
{<html>
<body onload="document.forms[0].submit();">
<form method="POST" action="https://COMPANYNM-pilot.csod.com/AESSSODefault.aspx">
<input type="hidden" name="key" value="3D6C0815C1023714771C70331E25B4382D2B2DD732E7594A5D33EEADAE09AA69FFD5409B8EEE4A7262A5EB072B402E821BE6267823DD9AB8B2A7575A03D91F31F249494BD003BDABF18FEBBE311F22A510CF3CA60DFAE981566E0741E2A6C8AC99B822BCE8F0A323F4FF8E70A862B589715D7F7F42AC083969F3560525E602074E0774D95D6B32EB0580A5D14046B7252656EFD6BA0DBAA1BE4C84D38CDAD246455B5A633D2EBE023F7D0C0A616E6DBE9B92E283E9EBC805958280B00AF37349AE32C66F70B551B62348357219F5CA886C206566E410158019BC0A40D5AD1F146E64088B0A9C0FF1A1BEC6D2C17B08BF"/>
<input type="hidden" name="ouid" value="1"/></form>
</body>
</html>
}
Hope this helps.
0
 
OGSanAuthor Commented:
More info:  I just moved the Response.Write(GenerateForm(loginUser.UserName)); to the Page_Load section - and the login screen displays for a second, then the page on the external site is displayed.  Of course, a valid login ID is not being passed so it displays the default screen...but maybe this means that my OnLoggedIn event is the wrong place for this???

I chose to use OnLoggedIn event because that made available the Loginuser.UserName value that I needed to provide to the GenerateForm module.

Is there another/better way I should do this?
0
 
OGSanAuthor Commented:
I am going to restructure the program and segregate the call in a separate site.  I'll create the default.aspx page to prompt for the login ID/Password and authenticate it against our AD, then pass the authenticated value to the separate site.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.