My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.
I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.
The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough having
to log in again. And so my code doesn't have a chance to redirect the user
based on role in this case.
I'm thinking the answer would be to modify the default page depending on the
current role, but I'm not sure how to do that. I'm also curious if anyone
has any better ideas.
Thanks.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com 7 2282
The default page is determined by the web server and not something to be
changed in code. Also, it's good not to mess with the list because it can
affect perormance. The longer the list for example, the longer it takes IIS
to check what is the default page for a directory.
Why don't you put a check into the default.aspx page itself? You can check
if the user is currently authenticated and if so, determine where they
should go. Essentially, your default page just becomes a redirecting agent.
The tricky part though is you wouldn't be able to have a normal default.aspx
page since you can't determine whether the person who is visiting it just
returned to the site, or if they have been logged on for a while and are
just navigating around. With the right structure though this can be a moot
point, especially if the default.aspx page isn't something that they'll hit
except when they return to the site.
--
Hope this helps,
Mark Fitzpatrick
Microsoft MVP - Expression
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:%2******** ********@TK2MSF TNGP02.phx.gbl. ..
My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.
I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.
The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.
I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.
Thanks.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
Couple of ways you can handle this one.
1. Create a basepage class and have all the pages derive from it. Override
the onpreinit event in the basepage class and add your logic to redirect
users based on thier current roles.
2. You can override the onauthenticate event in global.asax file and if the
user is already authenticated and the current requested url is default.aspx,
then apply your logic to redirect appropriately.
Thanks,
Kumaran
Software Architect www.superbuild.com
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:%2******** ********@TK2MSF TNGP02.phx.gbl. ..
My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.
I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.
The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.
I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.
Thanks.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
Kumaran,
(Sorry for the slow reply. I've been trying to work through some of these
issues.)
1. Create a basepage class and have all the pages derive from it. Override
the onpreinit event in the basepage class and add your logic to redirect
users based on thier current roles.
Thanks but I don't believe that will work. Users who are not supposed to
access the default page do not have access to the root folder. Therefore, it
appears they just get taken to the login page even though they are already
logged in and authentication code withing default.aspx would never get a
chance to run. I thought about setting the access-denied page and having
that forward them, but even that won't work because some users will not have
access to the folder that page is in.
2. You can override the onauthenticate event in global.asax file and if
the user is already authenticated and the current requested url is
default.aspx, then apply your logic to redirect appropriately.
Well, I couldn't find any OnAuthenticate event. But there is something like
that. I'll play with that a bit and see if I can make it work.
Thanks.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
>
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:%2******** ********@TK2MSF TNGP02.phx.gbl. ..
>My site requires all users to log on. Depending on the user's role, they will have access to a certain set of pages.
I implemented this by redirecting the user to the appropriate home page in the handler for the LoggedIn event of the Login control.
The problem is that users don't always go through the Login control. For example, if I check the Remember Me box and then disconnect and then reconnect, I go straight to default.aspx in the root folder withough having to log in again. And so my code doesn't have a chance to redirect the user based on role in this case.
I'm thinking the answer would be to modify the default page depending on the current role, but I'm not sure how to do that. I'm also curious if anyone has any better ideas.
Thanks.
-- Jonathan Wood SoftCircuits Programming http://www.softcircuits.com
Mark,
(Sorry for the slow reply. I've been trying to work through some of these
issues.)
Why don't you put a check into the default.aspx page itself? You can check
if the user is currently authenticated and if so, determine where they
should go. Essentially, your default page just becomes a redirecting
agent. The tricky part though is you wouldn't be able to have a normal
default.aspx page since you can't determine whether the person who is
visiting it just returned to the site, or if they have been logged on for
a while and are just navigating around. With the right structure though
this can be a moot point, especially if the default.aspx page isn't
something that they'll hit except when they return to the site.
Thanks but I don't believe that will work. Users who are not supposed to
access the default page do not have access to the root folder. Therefore, it
appears they just get taken to the login page even though they are already
logged in and authentication code withing default.aspx would never get a
chance to run. I thought about setting the access-denied page and having
that forward them, but even that won't work because some users will not have
access to the folder that page is in.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
"Mark Fitzpatrick" <ma******@fitzm e.comwrote in message
news:Ov******** ******@TK2MSFTN GP05.phx.gbl...
The default page is determined by the web server and not something to be
changed in code. Also, it's good not to mess with the list because it can
affect perormance. The longer the list for example, the longer it takes
IIS to check what is the default page for a directory.
--
Hope this helps,
Mark Fitzpatrick
Microsoft MVP - Expression
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:%2******** ********@TK2MSF TNGP02.phx.gbl. ..
>My site requires all users to log on. Depending on the user's role, they will have access to a certain set of pages.
I implemented this by redirecting the user to the appropriate home page in the handler for the LoggedIn event of the Login control.
The problem is that users don't always go through the Login control. For example, if I check the Remember Me box and then disconnect and then reconnect, I go straight to default.aspx in the root folder withough having to log in again. And so my code doesn't have a chance to redirect the user based on role in this case.
I'm thinking the answer would be to modify the default page depending on the current role, but I'm not sure how to do that. I'm also curious if anyone has any better ideas.
Thanks.
-- Jonathan Wood SoftCircuits Programming http://www.softcircuits.com
Hi Jonathan,
As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it would
be best to redesign your site such that all users have access to the root
folder and move any pages that need to be secured into sub-folders.
Scott
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:uf******** ******@TK2MSFTN GP02.phx.gbl...
Users who are not supposed to access the default page do not have access
to the root folder.
Yeah, I haven't come up with anything better. However, now I'm wondering if
I can make access to Default.aspx global but keep other files in the root
folder restricted. This way, all users can access Default.aspx but the
primary users will still use the root folder.
Now I just need to determine if ASP.NET will allow me to allow all users to
access a single file in a folder but not any other files...
Thanks.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
"Scott Roberts" <sr******@webwo rks-software.comwro te in message
news:Ol******** ******@TK2MSFTN GP05.phx.gbl...
Hi Jonathan,
As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it
would be best to redesign your site such that all users have access to the
root folder and move any pages that need to be secured into sub-folders.
Scott
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:uf******** ******@TK2MSFTN GP02.phx.gbl...
>Users who are not supposed to access the default page do not have access to the root folder.
And I found I am able to allow global access to Default.aspx but not other
files in the root folder. I'm pretty sure I'll go with some variation on
that!
Thanks agian.
--
Jonathan Wood
SoftCircuits Programming http://www.softcircuits.com
"Scott Roberts" <sr******@webwo rks-software.comwro te in message
news:Ol******** ******@TK2MSFTN GP05.phx.gbl...
Hi Jonathan,
As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it
would be best to redesign your site such that all users have access to the
root folder and move any pages that need to be secured into sub-folders.
Scott
"Jonathan Wood" <jw***@softcirc uits.comwrote in message
news:uf******** ******@TK2MSFTN GP02.phx.gbl...
>Users who are not supposed to access the default page do not have access to the root folder.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Michael Kalina |
last post by:
Because when I asked for comments on my site-design (Remember? My site,
your opinion!) some of you told me never to change anything on
font-sizes!
What do you guys think of that: http://www.clagnut.com/blog/348/
I hope that's going to be a good discussion!
Michael
|
by: Mauricio |
last post by:
Hi,
I´m building an application that uses Forms
Authentication.
By default, when I enter into the application without
specifing a file, the default page that is loaded after
the logon page is: default.aspx
http://localhost/application/
|
by: DanB |
last post by:
This is probably soooo simple but I can't seem to get it.
I have a text file that I want users to download via a web page.
I want the file to be saved to a default folder (or one that they choose)
on the users / client file system.
I have toyed with a Self-Extracting zip file but the contents of my zip file
changes each time it is downloaded so that invalidates the exe file. Also
the text file is so small it is a waste to zip it.
|
by: Harry Smith |
last post by:
While reading the documentation on IsStartupScriptRegistered, there is a
reference to "client startup script" as "Determines if the client startup
script is registered with the Page object."
What is meant by "Client Start Script"?
Thanks,
Harry
|
by: Daves |
last post by:
I want to have another default page than the default.aspx, can I change this
in web.config?
| |
by: dbuchanan |
last post by:
What determines if .NET builds an EXE or a DLL file.
(My NUnit testfixture needs a reference to my dll file, but my
applicaiton builds an exe file.)
|
by: Brad Baker |
last post by:
I have an asp.net/csharp application that requires a particular variable to
work properly. This variable is usually passed via a query string in the URL
when the application is first run but under certain circumstances the query
string may not contain the variable. So I need some way of establishing a
default value if one isn't set.
Is there some way I can set a query string on page_load OR is there some way
I can use a global variable...
|
by: brianflannery |
last post by:
Greetings all!
My problem is this. I've installed a new printer on my computer.
This is the "default printer" for access. Now, some of my reports,
which were working fine with the old printer, are now showing up with
an odd view (very enlarged) in preview. If I go to page setup, and
choose specific printer to then look at the paper size listed in my
default printer, it shows Hegaki Card 100mmX148mm instead of letter.
It seems as...
|
by: yogarajan |
last post by:
Hi four months ago I was developed one web site. That website default page is index.htm. Now am create one flash intro page that page called intro.html
how can i change my default page index.htm to intro.html
I am using third party server.
I am using asp page
i am not interested to change home page contains 'flash intro' page
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |