3

The default document feature is turned off in IIS and here's the situation...

My start page for my project say is A.aspx. I run the project and sure enough, A.aspx appears in the url of the browser. Like it should though, A.aspx finds no user logged in and redirects to Login.aspx like it should.

A.aspx:

    if (Session["UserStuff"] == null)
        Response.Redirect("~/Account/Login.aspx");

The login.aspx shows up BUT when the user Logs in, the code:

FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true);

always redirects to "Default.aspx" and not "A.aspx"

I've examined FormsAuthentication.GetRedirectUrl and sure enough it returns "Default.aspx"

I'm stumped????

Improve this question
2
  • An important thing to note here is that you should avoid using session for authentication information/status. Since you are using FormsAuth, use only that to determine authentication. Use session to store user-level preferences, etc (populated after the user has authenticated). Commented Aug 14, 2010 at 12:27
  • Yes, that's right, I only check to see if the user has "stuff" in the session and I don't authenticate against the session. I actually authenticate against a third-party API then plop an object in the session if successful. Commented Aug 14, 2010 at 12:39

4 Answers 4

Reset to default
6

In web.config you could set the default page using the defaultUrl attribute:

<authentication mode="Forms">
    <forms 
       loginUrl="login.aspx" 
       defaultUrl="a.aspx"
       protection="All"  
       timeout="30" 
    />
</authentication>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

http://www.codeproject.com/KB/aspnet/custom_authentication.aspx Follow this

Improve this answer

3 Comments

That's a nice article, but it's not exactly what I'm trying to do. My problem is that when A.aspx is requested, the user gets sent to a login page if not authenticated, then redirects to their original request and NOT a hard-coded page. Problem is the GetRedirectURL is always default.aspx and not the original A.aspx requested.
@Bob - if you don't have a DefaultUrl it will just choose default.aspx as a matter of the framework. When FormsAuthentication uses its own mechanism, a RedirectUrl is appended to the url to login.aspx and the user is redirected properly at that point. If no RedirectUrl is specified, the DefaultUrl is used so it can't hurt to have it specified. I think the problem here is that you're using your own session code to perform this redirect instead of allowing FormsAuth to handle it.
That sounds right. I must not be doing the forms authentication properly and the default.aspx is coming from the framework - thanks I'll see what I can do.
0

If you're using FormsAuthentication, your settings should be defined in the web.config. It sounds like you have a default setting in the web.config for DefaultUrl. You shouldn't need the session redirect though. FormsAuthentication should perform this for you. It doesn't hurt to check the session and force a SignOut() if you don't find it, but FormsAuthentication should perform this redirect.

Improve this answer

1 Comment

Thanks, but I can't find anything in the web.config that includes default.aspx other than it's in the list of default documents but enabled="false". I don't necessarily want a default URL anyway. I was hoping that the user would get redirected to their original page (A.aspx) after authentication.
0

From my understanding, when the user is redirectoed to your login screen, the Forms Authentication mechanism will add the url of the page that the user was originally tring to access, to the login url that that they user tried to access. For example, if you had a login page: http;//bob/login.aspx, and a user tried to access http;//bob/showmethemoney.aspx, then they would get redirected to http;//bob/login.aspx?ReturnUrl=showmethemoney.aspx. So, if you use the ReturnUrl to redirect the user after the user logs in, the user will always be returned to the resource that they were originally trying to get to.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.