Solved

How do I check authentication and then redirect user based on the check?

Posted on 2014-12-06
2
308 Views
Last Modified: 2014-12-08
I am using BlogEngine 3.0.. There is no code behind page for default.aspx in the web app. So I am using the site.master.cs in the theme to make the check I need. I need to check to see if the person coming to the page is authenticated and if not redirected to Login. If they are authenticated to check and see if they are an Administrator or a Teacher. If not redirect the user to a page NotAllowed.aspx. Below is the code for the code behind on the site.master.

  protected void Page_Load(object sender, EventArgs e)
  {
      if (!Request.IsAuthenticated)
      {
          Response.Redirect("account/login.aspx");
      }
      else if (!Roles.IsUserInRole("Administrators")) ||
           !Roles.IsUserInRole("Teacher")
      {
          Response.Redirect("account/NotApproved.aspx");
      }      
     
This is what happens:
When I first visit the page I am sent to Login as I should be. When I log on I am just redirected back to Login. It doesn't matter what credentials I use to log in, whethr an administrator's or a teacher's.

This seems simple. I can't see what I am missing. Thanks for your assistance.
0
Comment
Question by:bobbellows
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
Camillia earned 500 total points
ID: 40484851
This is how I do it in master page of one of my projects

Aspx page:

 <form action="#" method="post"  id="frm" runat="server" >
    <div id="login_area">
      <fieldset >
        <legend>Member log-in <asp:Literal ID="lmsg" runat="server" ></asp:Literal> </legend> 
      
        
            <asp:Login ID="Login1" Orientation="Horizontal"  LoginButtonStyle-CssClass="submit_text_link" 
            LoginButtonText="Submit"  OnAuthenticate="OnAuthenticate"    LoginButtonType="Link" TitleText=""    DisplayRememberMe="false" 
            TextLayout="TextOnTop"   FailureText="Invalid username or password"  runat="server">
            
             <LayoutTemplate>
               
                <table width="320" border="0" cellspacing="0" cellpadding="0">
                    <tr>
                    <td><label for="username">Username:</label>
                    <asp:TextBox  ID="UserName" runat="server"></asp:TextBox></td>&nbsp;
                    <td ><label for="password">Password:</label>
                    <asp:TextBox  ID="Password"   runat="server"  TextMode="Password"></asp:TextBox></td>
                    </tr> 
                    
                    <tr align="right">
              
                    <td  colspan="2">
                    
                    <asp:LinkButton id="Login" CommandName="Login" CssClass="submit_text_link" runat="server" Text="Submit"></asp:LinkButton></td>
                    </tr>
                    
                    </table>
                                 
             </LayoutTemplate>
                             
            </asp:Login>
      
    
        </fieldset>
       

       <br /> 
     </div> <!--new -->

     <!-- bottom of the page -->
     <div >
            <asp:ContentPlaceHolder  id="MasterContentPlaceHolder1" runat="server">
        
            </asp:ContentPlaceHolder>
     </div>
    </form>

Open in new window


Code behind in Login.master

protected void Page_Load(object sender, EventArgs e)
    {
        //http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.layouttemplate.aspx

        FindButton(Login1);
        Login1.Focus();
     


    }

    public void FindButton(Control c)
    {//focus on submit button
        foreach (Control b in c.Controls)
        {
            if (b is LinkButton)
            {
                b.Focus();
                frm.DefaultButton = b.UniqueID;
                return;

                
            }
            if (b.HasControls())
            {
                FindButton(b);
            }
        }
    } 


private bool SiteSpecificAuthenticationMethod(string userName, string password)
    {
        
        try
        {
            if (string.IsNullOrEmpty(Login1.UserName) || string.IsNullOrEmpty(Login1.Password))
            {
                lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Username & Password are required.</font>";
                return false;
            }
             if (Membership.GetUser(Login1.UserName) != null)
            {
                bool LockStatus = Membership.GetUser(Login1.UserName).IsLockedOut;
                if (LockStatus)
                {
                    lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Your account is locked.</font>";
                    return false;
                }
            }

            if  (Membership.ValidateUser(Login1.UserName, Login1.Password))
            {
               
                Session["username"] = Login1.UserName;
                ProfileData pd = new ProfileData();

                foreach (var row in pd.LoadOfficeUserNameDetail(Login1.UserName))
                {
                   ///some business logic code for my project goes here
                }
            }

            else
            {
                lmsg.Text = "<font style='font-size:11px; color:#ff0000'>Invalid Username or Password.</font>";
                return false;
            }
        }
        catch (Exception ex)
        {
           // I log exception here
            };

                    return false;
          

        }
        return true;
    }


    public void OnAuthenticate(object sender, AuthenticateEventArgs e)
    {
        bool authenticated = false;
        authenticated = SiteSpecificAuthenticationMethod(Login1.UserName, Login1.Password);

        e.Authenticated = authenticated;

      
        
       
            if (authenticated && Roles.IsUserInRole(Login1.UserName, "Admin")
                Login1.DestinationPageUrl = "~/main/profile/InitialSignup.aspx?pageTitleId=50";
               

    }

Open in new window

0
 

Author Closing Comment

by:bobbellows
ID: 40488151
Thanks so much. I can adapt this.
Bob
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
This video teaches users how to migrate an existing Wordpress website to a new domain.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question