Forms Authentication: Disable Redirect To The Login Page?
May 15, 2010
I have an application that uses ASP.NET Forms Authentication. For the most part, it's working great, but I'm trying to add support for a simple API via an .ashx file. I want the ashx file to have optional authentication (i.e. if you don't supply an Authentication header, then it just works anonymously). But, depending on what you do, I want to require authentication under certain conditions.
I thought it would be a simple matter of responding with status code 401 if the required authentication was not supplied, but it seems like the Forms Authentcation module is intercepting that and responding with a redirect to the login page instead. What I mean is, if my ProcessRequest method looks like this:
Then instead of getting a 401 error code on the client, like I expect, I'm actually getting a 302 redirect to the login page.
For nornal HTTP traffic, I can see how that would be useful, but for my API page, I want the 401 to go through unmodified so that the client-side caller can respond to it programmatically instead.
I have my website in which there are free links and links that require login. Free links open even if the user is not logged in. But in case of links that require login, redirect to login.aspx specified in Web.Config in loginURL tag.
I want some way to override this and show Ajax modal popup (Ajax extender toolkit) with login control for only thos links that require login (not for the free links).
In an asp.net mvc website, the site has enable forms authentication. The form login page is located in an area such as:
Area: Area1, Controller: Account, Action: Login
When a user is not yet authenticated and click on a link that requires authentication, the user is redirected to the login page. This does occur and redirect to the login page specify above. However during debug, it was found the area value is not included in the RouteData.Values object. That is, the RouteData.Values object has ONLY the follow value:
Controller: Account Action: Login
In this case, it is presumed that the MVC application by default searches for the appropriate controller and action without consideration for including the area value. On contrast when I direct click on a link that directs to login page, all processing occurs as expected, i.e. the area value is included in the RouteData.Values object. Is there a work around for this?
The default document feature is turned off in IIS and here's the situation... My start page for my project say is A.aspx. I run the project and sure enough, A.aspx appears in the url of the browser. Like it should though, A.aspx finds no user logged in and redirects to Login.aspx like it should. A.aspx:
if (Session["UserStuff"] == null) Response.Redirect("~/Account/Login.aspx");
The login.aspx shows up BUT when the user Logs in, the code:
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true); always redirects to "Default.aspx" and not "A.aspx"
I've examined FormsAuthentication.GetRedirectUrl and sure enough it returns "Default.aspx"
I need to create an application with Forms Authentication and/or Windows Authentication. If the application is set to use mixed authentication (Forms + Windows Auth) and the user don't have a Windows user account, the login will fail and he must be redirected to a forms login page. How can I do this?
Are there any different way to provide mixed authentication?
I have a home page that is very design-specific, down to the pixel. It needs to have username/password/login, but I can't have it showing any error messages there. There is a separate standalone login page that is not design-specific and can show any messages. It's using the standard Login control.Is there an easy way to link the two so that if an error occurs on the home page the standalone page comes up with the errors?
Now is it possible to make the user choose which page to be redirected to prior to login? for example the user chooses from a list the page to login to prior to login then when authenticated be redirected to this page instead of the default.aspx page. is that possible and if so how can this be done?
I am a beginner of asp.net..I currently have a login page with forgot password link button on the bottom of the screen. I am also using forms authentication to prevent an unauthorized user from accessing the other pages. The authentication seems to be working fine except for one thing. It prevents the user from accessing the password recovery page once the user click on the link button. How do I allow all users access to the login/password pages and also prevent them from viewing the other pages if they are not authenticated?The code below is to prevent from other anonymous view other pages without access. But i got no idea on how to allow them to access password recovery page...
<authentication mode="Forms"> <forms loginUrl="/Presentation/Display/Login.aspx" name=".ASPNETAUTH" protection="All" path="/" timeout="120" cookieless="UseDeviceProfile" slidingExpiration="true"/> </authentication> <!-- This section denies access to all files in this application except for those that you have not explicitly specified by using another setting. --> <authorization> <deny users="?"/> </authorization>
I have 1 master page and Home.aspx page. Home.aspx page is using the master page.. In master page i have two textbox and and menu control and button. Textbox are used for login and password. by default Home.aspx opens.....Now when user login then i check the user exist of not in my master page codebehind and then redirect to Home.aspx but this time i want the textbox and button not to be visible. In master page i used session to store the login is true or not and the usertype and then redirect to Home.aspx. but i am not able to use the session.
I use with the code below. But i've got 2 login screens, but both should redirect to another page. But he always takes the page in the web.config. so how can i change that page when i push the login button? What should i change to the function below? The normal page redirects to: ~/shoppingcard.aspx But i want to redirect the function below to : ~/shoppingcard.asxp?p=2
i have one website (asp.net static pages and one login page) hosted on one server (x hoster) ..in that web site i have login page... i have another another server where i hosted the database and my asp.net application...( y hoter)the database is same for both applications...how to redirect my login members from website 1 to website 2..i am maintaing some sessions on website1 , when credentials checked..once the login successfully i need to redirect the member to my second website..
When the page displays, the login page displays with the master page content, however all of the styles are missing. When I embed styles into the master page the styles show properly, so I know the problem is that the styles are not being accessed from the file. how I can authorize access to the stylesheet?
I've a got an Asp.Net site that is using Forms authentication, I've also got custom errors configured in the web.config. One of these is a special error page for 403's (access denied). My question is how do I get Forms authentication to work smarter?
I would like Forms authentication to send users to login page only if they are not authenticated. If they are I want it to defer to the custom error pages that i've defined in the web.config. This seems like something very basic, how can this be achieved?
The problem is as follows: If a visitor try to access a page in Admin folder he must be redirected to login page located in Admin folder, here I will take his username and password and then I will check this in SQL Server table, if he is authenticated then he will be redirected to Default page and he can access any page in Admin folder, but not any page in User folderHere is one thing is important and that is login page in Admin folder and login page in User folder are differentSame scenario is for User folder Please tell me what is the right way to achieve this functionality
In my asp.net and vb code web. there is some pages which require username and password to access it. when the user clicks on the link for this page it directs to the login page and if the username and password is correct then it is directed to default page and not to the page requested.
Code in my .vb page is as under
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load If Session("userid") = Nothing Then Response.Redirect("login.aspx") End If End Sub
I am using VWD 2010 on a windows 7 64 bit install. Using forms authentication I am not being redirected to the login page when not authenticated yet. Even if I start a new web site from template, clear out all cookies, I still go directly to default.aspx. The LoginView control displays the anonymous template verifing I am not authenticated.
configuration why redirection doesn't occur? Remember I am trying this with New Web site template with no mods so I don't think config issue is within application code.
sir when any connction or error or exception generated in a page then control will go to where(which section)in the web.config file. i have to create a page when any exception or error or connection fails occurs from that it will redirect to login page so what code i have to write under web.config file pl tell me?
I have made a web page in which there is login screen when user login it goes next page but my problem is if i directly enter the url of that page it open. I want it should not open unless the user log in...