By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,451 Members | 1,588 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,451 IT Pros & Developers. It's quick & easy.

Expiry in Forms authentication

P: n/a
Hello,

I have an web site which uses forms authentication. The
application uses frames. When the authentication time out occurs and if we
click on any one of the frames, each individual pages shows login page.
Is there any way out to show login page in whole page and not in
each individual frames. Else if there any event which is called when the
authentication cookie expires.

Thanks,
Sushi
Nov 16 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Sushi,

Frames are BAD (this is only one of the reasons).

The only way I can think to do this would be to have a handler in
Javascript for each page in the site. Basically, if the handler detects
that the page being loaded is a login page, then it should traverse the
frame heiarchy to the parent window, and force that window to reload.

However, this might not be possible, due to security issues (cross frame
scripting and the like). On the other hand, it might be allowed if all the
pages are from the same site.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"sushi" <su***@discussions.microsoft.com> wrote in message
news:30**********************************@microsof t.com...
Hello,

I have an web site which uses forms authentication. The
application uses frames. When the authentication time out occurs and if we
click on any one of the frames, each individual pages shows login page.
Is there any way out to show login page in whole page and not in
each individual frames. Else if there any event which is called when the
authentication cookie expires.

Thanks,
Sushi

Nov 16 '05 #2

P: n/a
The easiest way to handle this is in the login page itself. Using
client-side javascript, simply detect whether the login page is loaded in
the topmost browser window. If not, redirect the topmost window to the
login page. e.g.:

if (window != window.top) window.top.location.href = window.location.href;

Of course, this is likely to interfere some with post-login redirection.
Then again, the usual approach in a framed site is to redirect to the main
frame after even a post-timeout login, so perhaps this is something your
users can accept. If not, it is possible to set up a frameset to accept its
frame sources as request parameters, but care should be taken to ensure that
such a mechanism cannot be used to load pages from other sites inside your
frameset.

HTH,
Nicole

"sushi" <su***@discussions.microsoft.com> wrote in message
news:30**********************************@microsof t.com...
Hello,

I have an web site which uses forms authentication. The
application uses frames. When the authentication time out occurs and if we
click on any one of the frames, each individual pages shows login page.
Is there any way out to show login page in whole page and not in
each individual frames. Else if there any event which is called when the
authentication cookie expires.

Thanks,
Sushi

Nov 16 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.