Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Forms Authentication, external authentication server, & rerouting to orig. req. URL

Reply
Thread Tools

Forms Authentication, external authentication server, & rerouting to orig. req. URL

 
 
Andrew Connell
Guest
Posts: n/a
 
      10-20-2003
I have an application where the authentication is based off another site (custom portal). The portal authenticates the user(s). Then, when they select an application, they are routed to the application's URL (different domain, different server). When they try to bypass the portal, I need to capture the URL they requested, route them to the portal (letting it authenticate them), and then send them back to the original requesting page.

My plan is:
> Request page from secure app URL (www.secureapp.com/foo.aspx).
> If not authenticated, use FormsAuthentication to route to www.secureapp.com/portalAuth/outbound.aspx which would capture the original requested URL (stored in cookie/session).
> The portal prompts for login and authenticates... sending them back to www.secureapp.com/portalAuth/inbound.aspx which pulls an encrypted QS value to assure they were authenticated and who they are. Sets some session variables, and sends them to the originally requested page.


My problem is that the GetRedirectUrl requires a username to get the URL requested... but I don't know the user until AFTER authentication. Seems like a flaw in the design of FormsAuthentication.

--
-AC
<replace NOSPAM with my last name>
 
Reply With Quote
 
 
 
 
Natty Gur
Guest
Posts: n/a
 
      10-21-2003
Hi,

But you can get user name from the text box where the user enter his
user name.

http://msdn.microsoft.com/library/de.../en-us/cpref/h
tml/frlrfsystemwebsecurityformsauthenticationclassgetr edirecturltopic.as
p

Natty Gur[MVP]
Phone Numbers:
Office: +972-(0)9-7740261
Fax: +972-(0)9-7740261
Mobile: +972-(0)58-888377


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Rerouting Requests via a Proxy because of .NET "bug" Codex Twin ASP .Net 8 12-03-2004 05:54 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM
Rerouting Cisco calls via H.323 Pete Calvert VOIP 4 11-18-2003 02:53 PM



Advertisments