FormsAuthentication.RedirectFromLoginPage And Frames

Johan Karlsson · Jan 18, 2005

Hi!

I have a page called Login.aspx that handles login (takes username, pass and
compares to a database). If the user is authenticated,
FormsAuthentication.RedirectFromLoginPage is called and the page returns to
the returnUrl. Everything works fine!

BUT, (theres always a but) if I for some reason decide to put the above site
inside an iframe tag the page just resets if I type the correct username and
password. I still get error messages if I typ the wrong one. Exemple:
<iframe src="http://www.someurl.se/default.aspx">

Seems like there is a problem with the cookie that is supposed to get set?

Looking forward to any input into this problem.

Thanks!
Johan Karlsson

Daniel Fisher\(lennybacon\) · Jan 18, 2005

BUT, (theres always a but) if I for some reason decide to put the above

site inside an iframe tag the page just resets if I type the correct
username and

YES!, There is always a BUT if you use frames.

;-)

Do you handle the AuthenticateRequests somehow?

Johan Karlsson · Jan 19, 2005

Hi!

If I decided the frame would go, but the customers cms must have my part
inside of a frame so I don't have a choice.

The page is divided into 2 sections where the top frame only contains a
logotype and the bottom half the original system.

If I handle the AuthenticateRequests? I must say that I'm no security expert
so I only did what it says in the books. (the easy examples

)

That is:

1) Get user and pass
2) Verify if valid or not
3) If valid, call FormsAuthentication.RedirectFromLoginPage(u.Login, False)

As stated before, this works in an "unframed environment". What is the
difference when running inside a frame comparing to a top level window?

I'm sure that the behavior has some very logical explanation and I'm really
curios to find out what it is.

Thanks!
/Johan

Daniel Fisher\(lennybacon\) · Jan 30, 2005

You must assigen the IPricipal in the OnAuthenticateRequest Method
(Global.asax).

Johan Karlsson · Feb 1, 2005

Hi!

Could you give an example? Does this cause the behavior that is doesn't work
in frames but do work outside of frames?

Thanks
/Johan

FormsAuthentication.RedirectFromLoginPage()	4	Jun 23, 2006
FormsAuthentication.RedirectFromLoginPage	8	Feb 16, 2005
createPersistentCookie not working in FormsAuthentication.RedirectFromLoginPage	0	Jul 27, 2006
FormsAuthentication.RedirectFromLoginPage with Frames	1	Nov 27, 2003
FormsAuthentication.RedirectFromLoginPage question	1	Feb 12, 2005
FormsAuthentication.RedirectFromLoginPage is not redirecting to the correct page.	1	Sep 21, 2005
FormsAuthentication.RedirectFromLoginPage alternative?	2	Oct 22, 2004
resizable frames	4	Apr 7, 2009

FormsAuthentication.RedirectFromLoginPage And Frames

Johan Karlsson

Daniel Fisher\(lennybacon\)

Johan Karlsson

Daniel Fisher\(lennybacon\)

Johan Karlsson

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads