By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,444 Members | 3,110 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,444 IT Pros & Developers. It's quick & easy.

What if I dont want to redirect after a user logs in?

P: n/a
I'm using Forms authentication with my user data in a SQL db. I have pages
in the main appliaction folder accessible to anonymous users and I've set
security to deny annonymous users access to pages in several sub folders
(e.g. admin). I've set up a login page where users trying to access any
/admin/ page are diverted to and on successful login they are redirected
back to the page they requested.

All is well. Everything works.

I want it to work a different way.

I want to display a user control on every page to enable a visitor to login
at any time (or log out if he's logged in) and to show options appropriate
to logged in users. I have it mostly working BUT when my user is on page
/somepage.aspx and logs in I want him to see page /somepage.aspx again
(revised with appropriate options for a logged in user) and *not*
default.aspx or any other page.

FormsAuthentication seems to demand that I send my user away to another
page, and uses Default.aspx if there isn't one specified in the URL.

How can I get my user authenticated and keep him on the same page?

I guess I'm looking for a
FormsAuthentication.AuthenticateButDontRedirectAny where() method.

Anyone done this? Anyone tell me where I should be looking?

Brian Lowe
---------@

Nov 18 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
FormsAuthentication.SetAuthCookie

"Brian Lowe" <no@reply.address> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
I'm using Forms authentication with my user data in a SQL db. I have pages
in the main appliaction folder accessible to anonymous users and I've set
security to deny annonymous users access to pages in several sub folders
(e.g. admin). I've set up a login page where users trying to access any
/admin/ page are diverted to and on successful login they are redirected
back to the page they requested.

All is well. Everything works.

I want it to work a different way.

I want to display a user control on every page to enable a visitor to login at any time (or log out if he's logged in) and to show options appropriate
to logged in users. I have it mostly working BUT when my user is on page
/somepage.aspx and logs in I want him to see page /somepage.aspx again
(revised with appropriate options for a logged in user) and *not*
default.aspx or any other page.

FormsAuthentication seems to demand that I send my user away to another
page, and uses Default.aspx if there isn't one specified in the URL.

How can I get my user authenticated and keep him on the same page?

I guess I'm looking for a
FormsAuthentication.AuthenticateButDontRedirectAny where() method.

Anyone done this? Anyone tell me where I should be looking?

Brian Lowe
---------@


Nov 18 '05 #2

P: n/a
You are reinventing the wheel, to an extent, but I can understand the issue.

What I have done is create the majority of the page (anything that can have
multiple states, like logged in, not logged in) in controls (server or user,
your choice). I then set up a user object when the user logs in. A user can
surf the entire site, but the user object is null until he logs in. To test
basic state, I simply pull the user object and test if it is null. If so,
don't show logged in elements; if not null, show them. There are a couple of
ways to handle this, from Session["userObject"] to creating a singleton.
NOTE: You can also use the extremely thin Session["LoggedIn"].

The next version of .NET has more facilities that do this "automagically".

This also allows me to have role based security, as the logged in user may
belong to different roles. I have created a UserInRole() method of my user
object that tests the user against a role, or roles. You may not need to go
this far.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

************************************************
Think Outside the Box!
************************************************
"Brian Lowe" <no@reply.address> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
I'm using Forms authentication with my user data in a SQL db. I have pages
in the main appliaction folder accessible to anonymous users and I've set
security to deny annonymous users access to pages in several sub folders
(e.g. admin). I've set up a login page where users trying to access any
/admin/ page are diverted to and on successful login they are redirected
back to the page they requested.

All is well. Everything works.

I want it to work a different way.

I want to display a user control on every page to enable a visitor to login at any time (or log out if he's logged in) and to show options appropriate
to logged in users. I have it mostly working BUT when my user is on page
/somepage.aspx and logs in I want him to see page /somepage.aspx again
(revised with appropriate options for a logged in user) and *not*
default.aspx or any other page.

FormsAuthentication seems to demand that I send my user away to another
page, and uses Default.aspx if there isn't one specified in the URL.

How can I get my user authenticated and keep him on the same page?

I guess I'm looking for a
FormsAuthentication.AuthenticateButDontRedirectAny where() method.

Anyone done this? Anyone tell me where I should be looking?

Brian Lowe
---------@


Nov 18 '05 #3

P: n/a
It really is that obvious!

Thanks for pointing this out. I don't know how I missed it in my search
through the docs, but now I see it it does exactly what I want. I must
havebeen looking for some wierd thing!

Thanks!

Brian Lowe
---------@
"Rick Spiewak" <ri*********@mindspring.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
FormsAuthentication.SetAuthCookie

Nov 18 '05 #4

P: n/a
Thanks but you seem to be answering a question I didn't ask.

Rick Spiewak answered it very succinctly.

What you describe is broadly what I had done in classic ASP for previous
applications, including a roll-your-own roles based model. Now that it's
all built in to ASP.Net I'm keen to take advantage of what's already there.

Brian Lowe
---------@

"Cowboy" <No************@comcast.netNoSpamM> wrote in message
news:eV**************@TK2MSFTNGP12.phx.gbl...
You are reinventing the wheel, to an extent, but I can understand the issue.

Nov 18 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.