ASP.Net Authentication if ReturnURL null UserData comes empty
Hi there is a problem in my login page.
The scenario is, For example i go to www.mydomain.com/admin/ its redirecting me to the login page with ReturnURL parameter like this. www.mydomain.com/login.aspx?ReturnURL=%2fAdmin%2f. I am logging in with admin account and everything works fine. But if i go to Login.aspx directly which means there isn't ReturnURL QueryString field. I log in with same admin account but when i try to go www.mydomain.com/admin/ after i logged in its redirecting me back to the login page.I'm doing navigates like this. What i am missing?
//The code block that is logging in admin.
//check if there is a ReturnURL
if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
{
Session["UserType"] = UserTypes.UserType.Admin;
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
}
//ReturnURL doesn't exists.
else
{
FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
Response.Redirec开发者_如何转开发t("/Admin/Default.aspx");
}
Now try this. Replace your code
//check if there is a ReturnURL
if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
{
Session["UserType"] = UserTypes.UserType.Admin;
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
}
//ReturnURL doesn't exists.
else
{
FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
Response.Redirect("/Admin/Default.aspx");
}
with this one
if("Check if User Is Authentic")
{
Session["UserType"] = UserTypes.UserType.Admin;
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, cbUserRememberMe.Checked);
}
This will work for your whole code. Redirects an authenticated user back to the originally requested URL or the default URL.
Check on Default
page Load
event Session["UserType"]
if user is Admin
then redirect him to admin page
This is a sample web.config
<configuration>
<system.web>
<authentication mode="Forms">
<forms
name="401kApp"
loginUrl="/login.aspx"
cookieless="AutoDetect"
defaultUrl="myCustomLogin.aspx">
<credentials passwordFormat = "SHA1">
<user name="UserName"
password="07B7F3EE06F278DB966BE960E7CBBD103DF30CA6"/>
</credentials>
</forms>
</authentication>
</system.web>
</configuration><br/>
set defaultUrl="yourdefaultpageURL"
in web.config
OR
you can use FormsAuthentication.RedirectFromLoginPage Method (String, Boolean)
精彩评论