Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Authentication/Automatic Redirect?

Reply
Thread Tools

Authentication/Automatic Redirect?

 
 
Donald Williamson
Guest
Posts: n/a
 
      11-24-2003
Hi

Hope someone can help me with authentication and how the redirects work. I'
ve already tried searching previous posts but didn't really find anything.

for I have a page that checks to see if the user has logged in. If not, it
redirects them to the login page for authentication. After authenticating, I
want to redirect them back to the original page that sent them. I always get
redirected back to the default page. I noticed that the '?RedirectURL'
parameter is not being set so my question is how does this get set?

Here's me web.config code"
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>


Here's the code that redirects them to the login page if they are not
authenticated:
If Not Context.User.Identity.IsAuthenticated Then
Response.Redirect("Accounts/Login.aspx")
End If


And here's the code on the login page after they have been authenticated:

FormsAuthentication.SetAuthCookie(UserName.Text, chkPersist.Checked)
FormsAuthentication.RedirectFromLoginPage(UserName .Text,
chkPersist.Checked)

Any assistance would greatly be appreciated!

- Donald



 
Reply With Quote
 
 
 
 
John Saunders
Guest
Posts: n/a
 
      11-24-2003
"Donald Williamson" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi
>
> Hope someone can help me with authentication and how the redirects work.

I'
> ve already tried searching previous posts but didn't really find anything.
>
> for I have a page that checks to see if the user has logged in. If not,

it
> redirects them to the login page for authentication. After authenticating,

I
> want to redirect them back to the original page that sent them. I always

get
> redirected back to the default page. I noticed that the '?RedirectURL'
> parameter is not being set so my question is how does this get set?
>
> Here's me web.config code"
> <authentication mode="Forms" >
> <forms
> name="fpSupport"
> path="/"
> loginUrl="Accounts/Login.aspx"
> protection="All"
> timeout="30">
> </forms>
> </authentication>



If you're using Forms Authentication, your code should not be checking to
see if the user is authenticated. Instead, set up the <authorization>
section properly, and Forms Authentication will do it for you.
--
John Saunders
John.Saunders at SurfControl.com


 
Reply With Quote
 
 
 
 
Donald Williamson
Guest
Posts: n/a
 
      11-25-2003
Thanks John,

One more question about the <authorization>. I am setting up many multiple
directories. I only want to give anonymous permission to a few select
files. Most others will require that they be authenticated to view the files
in most of the directories.



Do I create a separate <authorization> config file for each directory that
needs to be authenticated or what is the best way to do this? Thanks again
for any help.



- Donald


>
> If you're using Forms Authentication, your code should not be checking to
> see if the user is authenticated. Instead, set up the <authorization>
> section properly, and Forms Authentication will do it for you.
> --
> John Saunders
> John.Saunders at SurfControl.com
>
>



 
Reply With Quote
 
John Saunders
Guest
Posts: n/a
 
      11-25-2003
"Donald Williamson" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks John,
>
> One more question about the <authorization>. I am setting up many

multiple
> directories. I only want to give anonymous permission to a few select
> files. Most others will require that they be authenticated to view the

files
> in most of the directories.
>
>
>
> Do I create a separate <authorization> config file for each directory that
> needs to be authenticated or what is the best way to do this? Thanks again
> for any help.


You can put a separate web.config in each directory if you like. Mostly,
people use <location> elements to specify the configuration of the
subdirectories.
--
John Saunders
John.Saunders at SurfControl.com


 
Reply With Quote
 
Donald Williamson
Guest
Posts: n/a
 
      11-26-2003
Thanks again John,

Getting closer ... hopefully my last question I'm working on the
location path. Here's what I have in my web.config:

<location path="~/Modules/SupportViewRequests/viewrequest.aspx">
<system.web>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>

This is placed before the main <system.web> settings where, in part, I have
the following:
<authentication mode="Forms" >
<forms
name="fpSupport"
path="/"
loginUrl="Accounts/Login.aspx"
protection="All"
timeout="30">
</forms>
</authentication>

I did remove the redirect in my main page. However, I'm never automatically
getting redirected to the log-in page. What am I missing?

- Donald

>
> You can put a separate web.config in each directory if you like. Mostly,
> people use <location> elements to specify the configuration of the
> subdirectories.
> --
> John Saunders
> John.Saunders at SurfControl.com
>
>



 
Reply With Quote
 
Donald Williamson
Guest
Posts: n/a
 
      11-26-2003
Got it! FYI here's the correct code to lock the directory:

<location path="Modules/SupportViewRequests">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

- Donald

"Donald Williamson" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks again John,
>
> Getting closer ... hopefully my last question I'm working on the
> location path. Here's what I have in my web.config:
>
> <location path="~/Modules/SupportViewRequests/viewrequest.aspx">
> <system.web>
> <authorization>
> <deny users="*" />
> </authorization>
> </system.web>
> </location>
>
> This is placed before the main <system.web> settings where, in part, I

have
> the following:
> <authentication mode="Forms" >
> <forms
> name="fpSupport"
> path="/"
> loginUrl="Accounts/Login.aspx"
> protection="All"
> timeout="30">
> </forms>
> </authentication>
>
> I did remove the redirect in my main page. However, I'm never

automatically
> getting redirected to the log-in page. What am I missing?
>
> - Donald
>



 
Reply With Quote
 
John Saunders
Guest
Posts: n/a
 
      11-26-2003
"Donald Williamson" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks again John,
>
> Getting closer ... hopefully my last question I'm working on the
> location path. Here's what I have in my web.config:
>
> <location path="~/Modules/SupportViewRequests/viewrequest.aspx">
> <system.web>
> <authorization>
> <deny users="*" />
> </authorization>
> </system.web>
> </location>
>
> This is placed before the main <system.web> settings where, in part, I

have
> the following:
> <authentication mode="Forms" >
> <forms
> name="fpSupport"
> path="/"
> loginUrl="Accounts/Login.aspx"
> protection="All"
> timeout="30">
> </forms>
> </authentication>
>
> I did remove the redirect in my main page. However, I'm never

automatically
> getting redirected to the log-in page. What am I missing?


Where's your main <authorization> element?
--
John Saunders
John.Saunders at SurfControl.com


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments