
How to give user a chance to login when authorization fails while performing a POST action?

I'd like to program an authentication system, with the following features:

  • Use ASP.NET MVC2
  • Use SQL Server
  • (Probably) based on MembershipProvider
  • User registration with email confirmation
  • Role based authorization

...and last but not least: give the user a chance to login and/or register when authorization fails while performing a POST action.

The last feature is the most challenging feature. When a user performs a POST action (or some other kind of request) and the session times out (or the user is not authorized for some other reason), the user must be redirected to a login/registration form. During the login and/or registration process, the request data (POST, GET etc.) must be saved somewhere. After the user is successfully authorized, the data should be restored and the request must be executed using the saved data.

The solution I have in mind is that the request data are serialized and stored in a database, identified by some unique key. This unique key is put in a cookie and/or in a hidden field in the login/registration form. When the user is successfully logged in, the context can be restored using this key and the action can be executed using this "old" request data.

The most tricky thing for me is that I don't know which data I should save and how and where to restore the context. I want to be able to use the built-in attributes like [Authorize] and Routing.

I (think) I looked practically everywhere but without satisfying results. I hope someone can help me with this. Thanks in advance!


Online shopping carts normally allow anonymous users to put a few things in the cart before getting them to register/login. But unfortunately I'm not familiar with those techniques and don't want to give you half-baked explanations.

On the other hand, here are some common practices indirectly addressing this problem:

  • prompt user to register first before taking them to a data entry page
  • intercept the POST with ajax/popup login window
  • remind user about session timeout, and allow user to extend their session without leaving the data entry page
  • automatically save the data entry page for logged in user periodically
  • split a large data entry page into several smaller ones, reducing the chance of time out

Hope this helps.
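
The design described in the question (request data kept server-side under a unique key that travels in a cookie or hidden field) can be written as below; this is an added example, not code from either post. `PendingRequest` and `PendingRequestStore` are hypothetical names, the in-memory dictionary stands in for the database table, and the 32-byte random, single-use, expiring key is an assumption of this example.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical types for illustration; not part of ASP.NET MVC.
public sealed class PendingRequest
{
    public string HttpMethod;
    public string Path;
    public Dictionary<string, string> Form;
    public DateTime ExpiresUtc;
}

public sealed class PendingRequestStore
{
    // Stand-in for the database table the question mentions.
    private readonly Dictionary<string, PendingRequest> _items =
        new Dictionary<string, PendingRequest>();
    private readonly object _gate = new object();
    private readonly TimeSpan _lifetime;

    public PendingRequestStore(TimeSpan lifetime) { _lifetime = lifetime; }

    // Copies the request data server-side and returns the key to put in
    // the cookie or hidden field. The client only ever holds the key.
    public string Save(string httpMethod, string path, IDictionary<string, string> form)
    {
        var bytes = new byte[32];
        RandomNumberGenerator.Create().GetBytes(bytes);   // unguessable key
        string key = Convert.ToBase64String(bytes)
            .Replace('+', '-').Replace('/', '_').TrimEnd('=');
        var item = new PendingRequest {
            HttpMethod = httpMethod, Path = path,
            Form = new Dictionary<string, string>(form),
            ExpiresUtc = DateTime.UtcNow + _lifetime };
        lock (_gate) { _items[key] = item; }
        return key;
    }

    // Returns the saved request exactly once; null when the key is
    // unknown, already redeemed, or past its expiry.
    public PendingRequest Redeem(string key)
    {
        if (string.IsNullOrEmpty(key)) return null;
        PendingRequest item;
        lock (_gate)
        {
            if (!_items.TryGetValue(key, out item)) return null;
            _items.Remove(key);   // single use, even if expired
        }
        return item.ExpiresUtc > DateTime.UtcNow ? item : null;
    }
}
```

After a successful login the action would call `Redeem` with the key from the cookie or hidden field and run its normal authorization and validation on the restored data before executing it.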
