Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net (http://www.velocityreviews.com/forums/f29-asp-net.html)
-   -   FormsAuthentication redirect after timeout (http://www.velocityreviews.com/forums/t589679-formsauthentication-redirect-after-timeout.html)

christine.nguyen@gmail.com 02-05-2008 05:22 PM

FormsAuthentication redirect after timeout
 
I am using Forms Authentication under Windows Server 2003 in .NET
2.0. It appears that the auth ticket is expiring when it's supposed
to but it doesn't automatically redirect the user to the login page.
Here is some watered down sample code I had to put in the onLoad of my
page in order to properly redirect the user upon expiration of the
login. It appears that once the auth ticket is expired, the name of
the Identity is lost (which makes sense) and then I redirect the user.

protected override void OnLoad(EventArgs e)
string userName = HttpContext.Current.User.Identity.Name;
if(String.IsNullOrEmpty(userName)
Response.Redirect(redirectUrl);
}

My question is whether I really have to include such code in my page
to handle the the empty Identity name or should the framework be
redirecting on its own once the auth ticket has expired and the
identity name is empty?

Thanks,
Christine

Misbah Arefin 02-05-2008 06:13 PM

Re: FormsAuthentication redirect after timeout
 
specifying the login url in the web.config file should solve your problem.
by doing that the user will be automatically redirected to the login page at
his/her first request to a secured path.

<forms name=".aspxlogin" loginUrl="~/Login.aspx" />

--
Misbah Arefin

<christine.nguyen@gmail.com> wrote in message
news:ad3c77c4-2cfb-43ec-b7fe-05c26af58063@q21g2000hsa.googlegroups.com...
> I am using Forms Authentication under Windows Server 2003 in .NET
> 2.0. It appears that the auth ticket is expiring when it's supposed
> to but it doesn't automatically redirect the user to the login page.
> Here is some watered down sample code I had to put in the onLoad of my
> page in order to properly redirect the user upon expiration of the
> login. It appears that once the auth ticket is expired, the name of
> the Identity is lost (which makes sense) and then I redirect the user.
>
> protected override void OnLoad(EventArgs e)
> string userName = HttpContext.Current.User.Identity.Name;
> if(String.IsNullOrEmpty(userName)
> Response.Redirect(redirectUrl);
> }
>
> My question is whether I really have to include such code in my page
> to handle the the empty Identity name or should the framework be
> redirecting on its own once the auth ticket has expired and the
> identity name is empty?
>
> Thanks,
> Christine
>


christine.nguyen@gmail.com 02-05-2008 10:22 PM

Re: FormsAuthentication redirect after timeout
 
Hello,

I do specify the login url in web.config, but for whatever reason it
doesn't redirect upon timeout when a secured resource is accessed.
Instead it throws an exception when I try to access and use the value
in HttpContext.Current.User.Identity.Name (which is now empty). This
is why i put code into the onLoad in order to prevent the exception.
Is there a reason why it wouldn't redirect even though I have the
login url specified in web.config?

Thanks,
Christine


All times are GMT. The time now is 09:51 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.