How to know when to RedirectFromLoginPage?

R

Randall Parker

Suppose the first URL a visitor visits is Logon.aspx. There's not an original page to
return the user to. So how can I detect whether to send the user to the original page
he tried to visit versus send him to a default page?

I'm looking at this in the MS doc:

http://msdn.microsoft.com/library/d...mWebSecurityFormsAuthenticationClassTopic.asp

void LoginBtn_Click(Object sender, EventArgs e)
{
if (Page.IsValid)
{
// Call the authentication event handler delegate (not included in
this example).
if (FormsAuthentication.Authenticate(UserName.Text, UserPass.Text))
{
// Return to the originally requested URL.
FormsAuthentication.RedirectFromLoginPage(UserName.Text,
Remember.Checked);
}
else
{
Msg.Text = "Invalid Credentials: Please try again";
}
}
}

Well, I want to send the user to somem page that is my default if he didn't try to
visit some page already.
 
E

Edwin Knoppert

I always enforce the default.aspx i want.
No-one has any business in the login page after login.
If you want an automated system, you could deny logged-in users?
(web.config, never tried that though)
 
R

Randall Parker

Edwin,

Once a user has seen:
http://www.somesiteurlhere.com/Logon.aspx
the user could bookmark that URL.

So users could certainly enter the site on the Logon.aspx page. Or the user could
enter on a different page and then get redirected to Logon.aspx. I want to detect the
difference between those two cases.

So when that user hits that URL how do I detect he came in to that URL without trying
to access another page on the same site?

I want to detect that the first page visited was Logon.aspx and then redirect to a
particular page. How to detect that?
 
E

Edwin Knoppert

1) I have 2 apps running where i logoff the user when they access this
logon.aspx
Just my decision, maybe not yours, it will learn them not to bookmark this
page :)

2) If they access this page, and they are already authenticated, redirect in
page_load ?
Maybe i have overlooked a part of your problem here.
There is a 'user object' somewhere in FormsAuthentication to determine:
..isauthenticated()
 
R

Randall Parker

Edwin,

Yes, you missed my problem: In both cases (visit Logon.aspx first or visit some other
page first) I am thinking about the case where the user has NOT logged on first.

The two cases where he is not already logged on.

1) The user visits Logon.aspx first. The user logs in. Okay, I want to redirect the
user. But I should NOT redirect him back to Logon.aspx. I need to detect that the
user came to Logon.aspx first and then redirect the user to my default starter page.

2) The user visits some other page first and gets redirected to Logon.aspx because
he's not already logged on. Okay, he logs on. Then I redirect to where he first tried
to visit.
 
E

Edwin Knoppert

Well #2 should address that :)

However, in the 2nd item you gave, returnurl is set.
So use querystring("returnurl") and use that.
 
E

Edwin Knoppert

Hmm, it seems you found a solution already:

Topic "How to keep RETURNURL in the URL if incorrect password?"

?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to keep RETURNURL in the URL if incorrect password? 1
Newbie question 1
Hello everyone... 3
RedirectFromLoginPage never returns to original page 8
RedirectFromLoginPage not redirecting to RedirectUrl 4
Question about redirecting a user after authentication 2
how to redirect when the user is logged? 1
How to modify the default page flow in ASP.NET 3

Top