Authentication/Automatic Redirect?

D

Donald Williamson

Hi

Hope someone can help me with authentication and how the redirects work. I'
ve already tried searching previous posts but didn't really find anything.

for I have a page that checks to see if the user has logged in. If not, it
redirects them to the login page for authentication. After authenticating, I
want to redirect them back to the original page that sent them. I always get
redirected back to the default page. I noticed that the '?RedirectURL'
parameter is not being set so my question is how does this get set?

Here's me web.config code"
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>


Here's the code that redirects them to the login page if they are not
authenticated:
If Not Context.User.Identity.IsAuthenticated Then
Response.Redirect("Accounts/Login.aspx")
End If


And here's the code on the login page after they have been authenticated:

FormsAuthentication.SetAuthCookie(UserName.Text, chkPersist.Checked)
FormsAuthentication.RedirectFromLoginPage(UserName.Text,
chkPersist.Checked)

Any assistance would greatly be appreciated!

- Donald
 
J

John Saunders

Donald Williamson said:
Hi

Hope someone can help me with authentication and how the redirects work. I'
ve already tried searching previous posts but didn't really find anything.

for I have a page that checks to see if the user has logged in. If not, it
redirects them to the login page for authentication. After authenticating, I
want to redirect them back to the original page that sent them. I always get
redirected back to the default page. I noticed that the '?RedirectURL'
parameter is not being set so my question is how does this get set?

Here's me web.config code"
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>
Click to expand...


If you're using Forms Authentication, your code should not be checking to
see if the user is authenticated. Instead, set up the <authorization>
section properly, and Forms Authentication will do it for you.
 
D

Donald Williamson

Thanks John,

One more question about the <authorization>. I am setting up many multiple
directories. I only want to give anonymous permission to a few select
files. Most others will require that they be authenticated to view the files
in most of the directories.



Do I create a separate <authorization> config file for each directory that
needs to be authenticated or what is the best way to do this? Thanks again
for any help.



- Donald
 
J

John Saunders

Donald Williamson said:
Thanks John,

One more question about the <authorization>. I am setting up many multiple
directories. I only want to give anonymous permission to a few select
files. Most others will require that they be authenticated to view the files
in most of the directories.



Do I create a separate <authorization> config file for each directory that
needs to be authenticated or what is the best way to do this? Thanks again
for any help.
Click to expand...

You can put a separate web.config in each directory if you like. Mostly,
people use <location> elements to specify the configuration of the
subdirectories.
 
D

Donald Williamson

Thanks again John,

Getting closer ... hopefully my last question :) I'm working on the
location path. Here's what I have in my web.config:

<location path="~/Modules/SupportViewRequests/viewrequest.aspx">
<system.web>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>

This is placed before the main <system.web> settings where, in part, I have
the following:
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>

I did remove the redirect in my main page. However, I'm never automatically
getting redirected to the log-in page. What am I missing?

- Donald
 
D

Donald Williamson

Got it! FYI here's the correct code to lock the directory:

<location path="Modules/SupportViewRequests">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

- Donald
 
J

John Saunders

Donald Williamson said:
Thanks again John,

Getting closer ... hopefully my last question :) I'm working on the
location path. Here's what I have in my web.config:

<location path="~/Modules/SupportViewRequests/viewrequest.aspx">
<system.web>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>

This is placed before the main <system.web> settings where, in part, I have
the following:
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>

I did remove the redirect in my main page. However, I'm never automatically
getting redirected to the log-in page. What am I missing?
Click to expand...

Where's your main <authorization> element?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Authentication Redirecting to Login 1
Authentication enabled for all but a single directory or file. 2
Forms authentication with Active Directory 0
not enforcing authentication on some page 2
Forms Authentication accross applications Not working in Firefox? 1
Forms Authentication not Redirecting 1
authentication 0
Redirect To Login Page - Forms Authentication 4

Members online

Total: 74 (members: 6, guests: 68)
Robots: 443

Forum statistics

Threads
473,995
Messages
2,570,233
Members
46,821
Latest member
AleidaSchi

Latest Threads

Top