By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,983 Members | 1,597 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,983 IT Pros & Developers. It's quick & easy.

Forms Authentication, external authentication server, & rerouting to orig. req. URL

P: n/a
I have an application where the authentication is based off another site (custom portal). The portal authenticates the user(s). Then, when they select an application, they are routed to the application's URL (different domain, different server). When they try to bypass the portal, I need to capture the URL they requested, route them to the portal (letting it authenticate them), and then send them back to the original requesting page.

My plan is:
Request page from secure app URL (www.secureapp.com/foo.aspx).
If not authenticated, use FormsAuthentication to route to www.secureapp.com/portalAuth/outbound.aspx which would capture the original requested URL (stored in cookie/session).
The portal prompts for login and authenticates... sending them back to www.secureapp.com/portalAuth/inbound.aspx which pulls an encrypted QS value to assure they were authenticated and who they are. Sets some session variables, and sends them to the originally requested page.


My problem is that the GetRedirectUrl requires a username to get the URL requested... but I don't know the user until AFTER authentication. Seems like a flaw in the design of FormsAuthentication.

--
-AC
<replace NOSPAM with my last name>
Nov 17 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Hi,

But you can get user name from the text box where the user enter his
user name.

http://msdn.microsoft.com/library/de.../en-us/cpref/h
tml/frlrfsystemwebsecurityformsauthenticationclassgetr edirecturltopic.as
p

Natty Gur[MVP]
Phone Numbers:
Office: +972-(0)9-7740261
Fax: +972-(0)9-7740261
Mobile: +972-(0)58-888377
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 17 '05 #2

P: n/a
Hi,

But you can get user name from the text box where the user enter his
user name.

http://msdn.microsoft.com/library/de.../en-us/cpref/h
tml/frlrfsystemwebsecurityformsauthenticationclassgetr edirecturltopic.as
p

Natty Gur[MVP]
Phone Numbers:
Office: +972-(0)9-7740261
Fax: +972-(0)9-7740261
Mobile: +972-(0)58-888377
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 17 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.