E
Edward Mitchell
I have an app that requires the user to login before accessing a
Register.aspx form. I am using Forms authorization so the lines in the
Web.config file are:
<authentication mode="Forms">
<forms loginUrl="Login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>
Sure enough when the user browses to the page inside the folder they are
sent to the Login.aspx file. Inside this login file, I check the user
credentials and return to the original page via:
// return to the original page
FormsAuthentication.RedirectFromLoginPage(UserID.Text, false);
In the registration page the user enters some information and then clicks
the Submit button that puts stuff in the SQL server database and transitions
to a confirmation page.
The question now comes, how can I remove the authorization at this point.
If the user goes back to the Registration.aspx (the original page) they can
view the info directly. I want to make the user go through the Login.aspx
sequence again each time they push the Submit button on the information
collecting page.
I don't know how to unauthorize a user session from within the C# code that
is handling the Submit command.
I am using Visual Studio .NET 2003 and C#.
Any advice would be appreciated.
Ed
Register.aspx form. I am using Forms authorization so the lines in the
Web.config file are:
<authentication mode="Forms">
<forms loginUrl="Login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>
Sure enough when the user browses to the page inside the folder they are
sent to the Login.aspx file. Inside this login file, I check the user
credentials and return to the original page via:
// return to the original page
FormsAuthentication.RedirectFromLoginPage(UserID.Text, false);
In the registration page the user enters some information and then clicks
the Submit button that puts stuff in the SQL server database and transitions
to a confirmation page.
The question now comes, how can I remove the authorization at this point.
If the user goes back to the Registration.aspx (the original page) they can
view the info directly. I want to make the user go through the Login.aspx
sequence again each time they push the Submit button on the information
collecting page.
I don't know how to unauthorize a user session from within the C# code that
is handling the Submit command.
I am using Visual Studio .NET 2003 and C#.
Any advice would be appreciated.
Ed