473,386 Members | 1,962 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > redirectfromloginpage never returns to original page

Join Bytes to post your question to a community of 473,386 software developers and data experts.

RedirectFromLoginPage never returns to original page

I have a main project that is protected in that the user is directed to a
login.aspx file.

The text in the web.config file is:

<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>

<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>

When the user enters email/password and is authenticated, control is
transferred back to the main page via the line in the Login.aspx file:

if(Authenticate(EMail.Text, Password.Text)) {
// return to the original page
FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);
}
else {
Output.Text = "Invalid Login";
}

Authenticate is my routine.

This all works as it should.

I also have a second project that is going to allow editing of the main page
info. This is contained in the solution but placed in a subdirectory to the
main project. In there I have a web.config file that just identifies the
login.aspx file in the parent directory so:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="../Login.aspx" />
</authentication>
</system.web>
</configuration>

Again when I start the second project I am transferred to the login.aspx
file in the parent folder. I enter the credentials and when I step through
the code, the FormsAuthentication.RedirectFromLoginPage(...) routine is
called.

My problem is that the Login.aspx page is recycled. Control doesn't return
to my secondary project in the child folder it just keeps on showing the
Login page.

If I look at the browsers address line for the login page:

http://localhost/OnLineReg/Login.asp...ayRegInfo.aspx

it has the correct return address of the page in the subfolder
"DisplayRegInfo" in the ReturnUrl= argument.

Can anyone suggest if I am doing anything obviously wrong?

Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908
Nov 19 '05 #1
8 2221
You probably have your second project configured as an application in IIS.

bill

"Edward Mitchell" <EE*********@newsgroup.nospam> wrote in message
news:eS**************@TK2MSFTNGP10.phx.gbl...
I have a main project that is protected in that the user is directed to a
login.aspx file.

The text in the web.config file is:

<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>

<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>

When the user enters email/password and is authenticated, control is
transferred back to the main page via the line in the Login.aspx file:

if(Authenticate(EMail.Text, Password.Text)) {
// return to the original page
FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);
}
else {
Output.Text = "Invalid Login";
}

Authenticate is my routine.

This all works as it should.

I also have a second project that is going to allow editing of the main page info. This is contained in the solution but placed in a subdirectory to the main project. In there I have a web.config file that just identifies the
login.aspx file in the parent directory so:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="../Login.aspx" />
</authentication>
</system.web>
</configuration>

Again when I start the second project I am transferred to the login.aspx
file in the parent folder. I enter the credentials and when I step through the code, the FormsAuthentication.RedirectFromLoginPage(...) routine is
called.

My problem is that the Login.aspx page is recycled. Control doesn't return to my secondary project in the child folder it just keeps on showing the
Login page.

If I look at the browsers address line for the login page:

http://localhost/OnLineReg/Login.asp...ayRegInfo.aspx
it has the correct return address of the page in the subfolder
"DisplayRegInfo" in the ReturnUrl= argument.

Can anyone suggest if I am doing anything obviously wrong?

Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908

Nov 19 '05 #2
I'm pretty sure that when I created the project it was C# with the Web
Application icon chosen. However, I can't find any reference in the Project
Properties that would tell me this.

However, assuming it is a web application, can I make it work? Do I have to
start off creating the project from scratch and if so, what do I chose for
the project type?

Is there any documentation for this?

Ed
"William F. Robertson, Jr." <th****@nameht.org> wrote in message
news:uh**************@TK2MSFTNGP14.phx.gbl...
You probably have your second project configured as an application in IIS.

bill

"Edward Mitchell" <EE*********@newsgroup.nospam> wrote in message
news:eS**************@TK2MSFTNGP10.phx.gbl...
I have a main project that is protected in that the user is directed to a
login.aspx file.

The text in the web.config file is:

<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>

<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>

When the user enters email/password and is authenticated, control is
transferred back to the main page via the line in the Login.aspx file:

if(Authenticate(EMail.Text, Password.Text)) {
// return to the original page
FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);
}
else {
Output.Text = "Invalid Login";
}

Authenticate is my routine.

This all works as it should.

I also have a second project that is going to allow editing of the main

page
info. This is contained in the solution but placed in a subdirectory to

the
main project. In there I have a web.config file that just identifies the
login.aspx file in the parent directory so:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="../Login.aspx" />
</authentication>
</system.web>
</configuration>

Again when I start the second project I am transferred to the login.aspx
file in the parent folder. I enter the credentials and when I step

through
the code, the FormsAuthentication.RedirectFromLoginPage(...) routine is
called.

My problem is that the Login.aspx page is recycled. Control doesn't

return
to my secondary project in the child folder it just keeps on showing the
Login page.

If I look at the browsers address line for the login page:

http://localhost/OnLineReg/Login.asp...ayRegInfo.aspx

it has the correct return address of the page in the subfolder
"DisplayRegInfo" in the ReturnUrl= argument.

Can anyone suggest if I am doing anything obviously wrong?

Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908


Nov 19 '05 #3
Hi Edward,

The problem you encountered is actual caused by some combined factors. here
is some of my suggestions:

1. Each ASP.NET Web application is hosted in an IIS folder which configured
as Application. So if you make your subfolder as Application, that
subfolder become a separate application from its parent virutal dir's
application. I don't think this is what you want, so you need to remove the
"Applciation" in the subfolder.

2. The <authentication> element is per-application based ,so each
application can have only one <authentication> element in the main
web.config. However, we can have multiple
<authorization> element to define different protection rules for different
paths in our web application. So currently you have two options to resolve
your problem:

1) Still use a sub web.config in your sub dir(must remove that subdir as
Application), and also remove the <authentication> element in it, just put
your <authorization> setting in sub dir's web.config.

2)Use the <location> element in your main web.config to specify different
<authorization> settings for different paths:

#Hierarchical Configuration Architecture
http://msdn.microsoft.com/library/en...archicalconfig
urationarchitecture.asp?frame=true

If anything unclear, please feel free to post here.

Thanks & Regards,
Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)


Nov 19 '05 #4
I made some more experiments. When I first visit the line in Login.aspx.cs:

FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);

Page.Context.User.Identity contains the empty string for AuthenticationType
and Name and IsAuthenticated is false. If I step through this routine call
with the debugger the Page.Context.User fields don't change. Then control
leaves my Login.aspx.cs file (debugger stepwise) but the Login.aspx page
again shows up in the browser.

If I push the Login button again and the second time around the code in the
Login.aspx.cs file I break at the same point. Now the debugger QuickWatch
window shows that Page.Context.User.Identity has IsAuthenticated as true,
the AuthenticationType is "Forms" and the Name is correct. Something did
the right thing on leaving the LoginButton_Click(...) event to no avail.

But I'm still in the Login.aspx page and will go back to the same breakpoint
when I hit the login button again.

In both the above debug breaks, I examined the expression directly in the
QuickWatch window to find out where we were supposed to go back to::

FormsAuthentication.GetRedirectUrl("name", false)

and this gave the correct return URL to the page that I am trying to go back
to.

The problem is that it won't return and leave the Login page even though it
looks like the user is now supposedly authenticated.

Since the "RedirectFromLoginPage" is system code, I am unable to step within
is to see what is really supposed to be happening.

Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908
Nov 19 '05 #5
Steve,

I removed the Web.Config file from the subdirectory and added a <location>
tag to the root Web.Config. There is now a single <authentication
mode="Forms"> tag and two tags for the <authorization...>. This is the text
in my single Web.Config file:

<configuration>
<system.web>
...
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>

<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>
...
</system.web>
<location path="DisplayRegInfo">
<system.web>
<authentication>
<forms loginUrl="../Login.aspx" />
</authentication>
<authorization>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>
</system.web>
</location>
</configuration>

I found that I had to define the loginUrl as "../Login.aspx" in the location
since it appears that the path is relative to the page being authenticated.
I could use a forward slash or backslash to define the parent directory.

However, I still see the same behavior. My login.aspx file finds the user
and then does the

FormsAuthentication.RedirectFromLoginPage(EMail.Te xt, false);

but the login.aspx page is continually recycled. Control never goes back to
the original page.

Is the only way out of this to put all the pages in the same top-level
directory?

Ed

"Steven Cheng[MSFT]" <v-******@online.microsoft.com> wrote in message
news:id**************@TK2MSFTNGXA01.phx.gbl...
Hi Edward,

The problem you encountered is actual caused by some combined factors.
here
is some of my suggestions:

1. Each ASP.NET Web application is hosted in an IIS folder which
configured
as Application. So if you make your subfolder as Application, that
subfolder become a separate application from its parent virutal dir's
application. I don't think this is what you want, so you need to remove
the
"Applciation" in the subfolder.

2. The <authentication> element is per-application based ,so each
application can have only one <authentication> element in the main
web.config. However, we can have multiple
<authorization> element to define different protection rules for different
paths in our web application. So currently you have two options to resolve
your problem:

1) Still use a sub web.config in your sub dir(must remove that subdir as
Application), and also remove the <authentication> element in it, just put
your <authorization> setting in sub dir's web.config.

2)Use the <location> element in your main web.config to specify different
<authorization> settings for different paths:

#Hierarchical Configuration Architecture
http://msdn.microsoft.com/library/en...archicalconfig
urationarchitecture.asp?frame=true

If anything unclear, please feel free to post here.

Thanks & Regards,
Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 19 '05 #6
Hi Ed,

Have you also change your sub directory to a normal folder (from an
"APPLICATION" virtual dir)? That's the key point, we can't make a sub
folder as another separate application in IIS if they're actually the same
asp.net application.

Thanks.

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 19 '05 #7
Steve,

It turned out that I hadn't made the subdirectory within my virtual
directory a virtual directory of it's own. I noticed in IIS that the
virtual directories have a their own icon compared to a lowly folder. When
I made the sub-folder a virtual directory, I was able to startup using the
Login.aspx in the parent directory and return to the page in the
subdirectory.

I finished up putting all my files in one directory rather than mess with
the sub-folders.

Thanks for the feedback.

Ed

"Steven Cheng[MSFT]" <v-******@online.microsoft.com> wrote in message
news:cQ****************@TK2MSFTNGXA02.phx.gbl...
Hi Ed,

Have you also change your sub directory to a normal folder (from an
"APPLICATION" virtual dir)? That's the key point, we can't make a sub
folder as another separate application in IIS if they're actually the same
asp.net application.

Thanks.

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 19 '05 #8
Good!

Glad that you've figured it our.
Have a nice day!

Cheers,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Nov 19 '05 #9
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
RedirectFromLoginPage and loop
by: Rob O'Cop | last post by:
Hi, I've got an Intranet site that's been using the usual Forms authentication. Now, I want to retrieve the Windows Login and authenticate the user automatically without her typing...
.NET Framework
2
RedirectFromLoginPage(username, true) no working
by: Gan | last post by:
Hi, I just wonder after calling the RedirectFromLoginPage function, my current page still stick to login.aspx fiile. Any clue?? Thanks
ASP.NET
2
without Forms authentication.redirectFromLoginPage()?
by: .NET Follower | last post by:
i wan to divert users to login page if they r on secure page and then again redirect to the original page without Forms authentication.redirectFromLoginPage() and also without HTTP_REFERER. ...
ASP.NET
2
FormsAuthentication.RedirectFromLoginPage when no ReturnURL
by: tshad | last post by:
I have a logon page that is may be called by the Forms Authentication setup. This would put a ReturnURL as part of the URL. I would normally then just issue a: ...
ASP.NET
9
Help!! RedirectFromLoginPage and GetRedirectUrl
by: Sandy | last post by:
Any help anyone can give me will be appreciated!!!! This is driving me c-r-a-z-y! All I can get from both of the above redirections is a redirect to a page named default.aspx. How do I make...
ASP.NET
1
FormsAuthentication.RedirectFromLoginPage is not redirecting to the correct page.
by: Jeremy Chapman | last post by:
I have built a web app. While testing I have found that if I browse to a page in the app, then get redirected to the login page and enter my credentials. The...
ASP.NET
0
FormsAuthentication.RedirectFromLoginPage Leaving Part of the QueryString In HTML Output
by: Ryan | last post by:
I have an aspx form using: FormsAuthentication.RedirectFromLoginPage("LoginName", False) When the form is browsed to for the VERY first time, instead of redirecting the user to the original...
ASP.NET
6
How to know when to RedirectFromLoginPage?
by: Randall Parker | last post by:
Suppose the first URL a visitor visits is Logon.aspx. There's not an original page to return the user to. So how can I detect whether to send the user to the original page he tried to visit versus...
ASP.NET
2
FormsAuthentication.RedirectFromLoginPage
by: Mike P | last post by:
When you have authenticated a user and you call FormsAuthentication.RedirectFromLoginPage, how does it know what is the default page that it is supposed to redirect to? The page I want it to...
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!