开发者

ASP.Net Authentication if ReturnURL null UserData comes empty

开发者 https://www.devze.com 2023-03-06 05:01 出处:网络
Hi there is a problem in my login page. The scenario is, For example i go to www.mydomain.com/admin/ its redirecting me to the login page with ReturnURL parameter like this. www.mydomain.com/login.asp

Hi there is a problem in my login page.

The scenario is,

For example i go to www.mydomain.com/admin/ its redirecting me to the login page with ReturnURL parameter like this. www.mydomain.com/login.aspx?ReturnURL=%2fAdmin%2f.

I am logging in with admin account and everything works fine.

But if i go to Login.aspx directly which means there isn't ReturnURL QueryString field.

I log in with same admin account but when i try to go www.mydomain.com/admin/ after i logged in its redirecting me back to the login page.

I'm doing navigates like this. What i am missing?

//The code block that is logging in admin.
//check if there is a ReturnURL
if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
{
    Session["UserType"] = UserTypes.UserType.Admin;
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
}
//ReturnURL doesn't exists.
else
{
    FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
    Response.Redirec开发者_如何转开发t("/Admin/Default.aspx");
}


Now try this. Replace your code

//check if there is a ReturnURL

    if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
    {
        Session["UserType"] = UserTypes.UserType.Admin;
        Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
    }
    //ReturnURL doesn't exists.
    else
    {
        FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
        Response.Redirect("/Admin/Default.aspx");
    }

with this one

if("Check if User Is Authentic")
{
Session["UserType"] = UserTypes.UserType.Admin;
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, cbUserRememberMe.Checked);
}

This will work for your whole code. Redirects an authenticated user back to the originally requested URL or the default URL.
Check on Default page Load event Session["UserType"] if user is Admin then redirect him to admin page


This is a sample web.config

<configuration>
   <system.web>
   <authentication mode="Forms">
      <forms 
      name="401kApp" 
      loginUrl="/login.aspx"
      cookieless="AutoDetect"
      defaultUrl="myCustomLogin.aspx">
      <credentials passwordFormat = "SHA1">   
         <user name="UserName" 
         password="07B7F3EE06F278DB966BE960E7CBBD103DF30CA6"/>
      </credentials>   
      </forms>
   </authentication>
   </system.web>
</configuration><br/>

set defaultUrl="yourdefaultpageURL" in web.config
OR
you can use FormsAuthentication.RedirectFromLoginPage Method (String, Boolean)

0

精彩评论

暂无评论...
验证码 换一张
取 消