470,596 Members | 1,474 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,596 developers. It's quick & easy.

What Determines the Default Page (And How to Change)?

My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.

I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.

The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough having
to log in again. And so my code doesn't have a chance to redirect the user
based on role in this case.

I'm thinking the answer would be to modify the default page depending on the
current role, but I'm not sure how to do that. I'm also curious if anyone
has any better ideas.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

Nov 11 '07 #1
7 2151
The default page is determined by the web server and not something to be
changed in code. Also, it's good not to mess with the list because it can
affect perormance. The longer the list for example, the longer it takes IIS
to check what is the default page for a directory.

Why don't you put a check into the default.aspx page itself? You can check
if the user is currently authenticated and if so, determine where they
should go. Essentially, your default page just becomes a redirecting agent.
The tricky part though is you wouldn't be able to have a normal default.aspx
page since you can't determine whether the person who is visiting it just
returned to the site, or if they have been logged on for a while and are
just navigating around. With the right structure though this can be a moot
point, especially if the default.aspx page isn't something that they'll hit
except when they return to the site.
--

Hope this helps,
Mark Fitzpatrick
Microsoft MVP - Expression

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.

I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.

The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.

I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

Nov 11 '07 #2
Couple of ways you can handle this one.

1. Create a basepage class and have all the pages derive from it. Override
the onpreinit event in the basepage class and add your logic to redirect
users based on thier current roles.

2. You can override the onauthenticate event in global.asax file and if the
user is already authenticated and the current requested url is default.aspx,
then apply your logic to redirect appropriately.

Thanks,
Kumaran
Software Architect
www.superbuild.com
"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.

I implemented this by redirecting the user to the appropriate home page in
the handler for the LoggedIn event of the Login control.

The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.

I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

Nov 11 '07 #3
Kumaran,

(Sorry for the slow reply. I've been trying to work through some of these
issues.)
1. Create a basepage class and have all the pages derive from it. Override
the onpreinit event in the basepage class and add your logic to redirect
users based on thier current roles.
Thanks but I don't believe that will work. Users who are not supposed to
access the default page do not have access to the root folder. Therefore, it
appears they just get taken to the login page even though they are already
logged in and authentication code withing default.aspx would never get a
chance to run. I thought about setting the access-denied page and having
that forward them, but even that won't work because some users will not have
access to the folder that page is in.
2. You can override the onauthenticate event in global.asax file and if
the user is already authenticated and the current requested url is
default.aspx, then apply your logic to redirect appropriately.
Well, I couldn't find any OnAuthenticate event. But there is something like
that. I'll play with that a bit and see if I can make it work.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com
>

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
>My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.

I implemented this by redirecting the user to the appropriate home page
in the handler for the LoggedIn event of the Login control.

The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.

I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

Nov 14 '07 #4
Mark,

(Sorry for the slow reply. I've been trying to work through some of these
issues.)
Why don't you put a check into the default.aspx page itself? You can check
if the user is currently authenticated and if so, determine where they
should go. Essentially, your default page just becomes a redirecting
agent. The tricky part though is you wouldn't be able to have a normal
default.aspx page since you can't determine whether the person who is
visiting it just returned to the site, or if they have been logged on for
a while and are just navigating around. With the right structure though
this can be a moot point, especially if the default.aspx page isn't
something that they'll hit except when they return to the site.
Thanks but I don't believe that will work. Users who are not supposed to
access the default page do not have access to the root folder. Therefore, it
appears they just get taken to the login page even though they are already
logged in and authentication code withing default.aspx would never get a
chance to run. I thought about setting the access-denied page and having
that forward them, but even that won't work because some users will not have
access to the folder that page is in.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com
"Mark Fitzpatrick" <ma******@fitzme.comwrote in message
news:Ov**************@TK2MSFTNGP05.phx.gbl...
The default page is determined by the web server and not something to be
changed in code. Also, it's good not to mess with the list because it can
affect perormance. The longer the list for example, the longer it takes
IIS to check what is the default page for a directory.

--

Hope this helps,
Mark Fitzpatrick
Microsoft MVP - Expression

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:%2****************@TK2MSFTNGP02.phx.gbl...
>My site requires all users to log on. Depending on the user's role, they
will have access to a certain set of pages.

I implemented this by redirecting the user to the appropriate home page
in the handler for the LoggedIn event of the Login control.

The problem is that users don't always go through the Login control. For
example, if I check the Remember Me box and then disconnect and then
reconnect, I go straight to default.aspx in the root folder withough
having to log in again. And so my code doesn't have a chance to redirect
the user based on role in this case.

I'm thinking the answer would be to modify the default page depending on
the current role, but I'm not sure how to do that. I'm also curious if
anyone has any better ideas.

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

Nov 14 '07 #5
Hi Jonathan,

As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it would
be best to redesign your site such that all users have access to the root
folder and move any pages that need to be secured into sub-folders.

Scott

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:uf**************@TK2MSFTNGP02.phx.gbl...
Users who are not supposed to access the default page do not have access
to the root folder.
Nov 15 '07 #6
Yeah, I haven't come up with anything better. However, now I'm wondering if
I can make access to Default.aspx global but keep other files in the root
folder restricted. This way, all users can access Default.aspx but the
primary users will still use the root folder.

Now I just need to determine if ASP.NET will allow me to allow all users to
access a single file in a folder but not any other files...

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

"Scott Roberts" <sr******@webworks-software.comwrote in message
news:Ol**************@TK2MSFTNGP05.phx.gbl...
Hi Jonathan,

As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it
would be best to redesign your site such that all users have access to the
root folder and move any pages that need to be secured into sub-folders.

Scott

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:uf**************@TK2MSFTNGP02.phx.gbl...
>Users who are not supposed to access the default page do not have access
to the root folder.
Nov 15 '07 #7
And I found I am able to allow global access to Default.aspx but not other
files in the root folder. I'm pretty sure I'll go with some variation on
that!

Thanks agian.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

"Scott Roberts" <sr******@webworks-software.comwrote in message
news:Ol**************@TK2MSFTNGP05.phx.gbl...
Hi Jonathan,

As I mentioned in your other thread, I think the real problem is that you
have restricted access to the default page in the root folder. IMO it
would be best to redesign your site such that all users have access to the
root folder and move any pages that need to be secured into sub-folders.

Scott

"Jonathan Wood" <jw***@softcircuits.comwrote in message
news:uf**************@TK2MSFTNGP02.phx.gbl...
>Users who are not supposed to access the default page do not have access
to the root folder.
Nov 15 '07 #8

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

86 posts views Thread by Michael Kalina | last post: by
1 post views Thread by Mauricio | last post: by
9 posts views Thread by Harry Smith | last post: by
2 posts views Thread by Daves | last post: by
10 posts views Thread by Brad Baker | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.