Using forms authentication class for authentication

0
votes

I am developing an user authentication site. I have a login page, "Login.aspx" in which i have provided a login control. In the web.config,

<authentication mode="Forms">
        <forms name=".AuthenticationCookie" loginUrl="Login.aspx"  protection="All" timeout="60" path="/">
            <credentials passwordFormat="Clear">
                <user name="Jack" password="Jerry"/>
            </credentials>
        </forms>
    </authentication>
    <authorization>
        <deny users="*"/>
    </authorization>

In the login.aspx.cs page, I have provided,

 protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        if (FormsAuthentication.Authenticate(Login1.UserName,Login1.Password))
        {
             FormsAuthentication.SetAuthCookie(Login1.UserName,true);
            Label1.Text = "Login Successful";
            Login1.InstructionText = "";
            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, true);
            Response.Redirect("Success.aspx")

        }
        else
        {
            Label1.Text = "You are not an authentic user";
        }


    }
}

but however, while execution instead of going to success.aspx with the url http://localhost/Login.aspx?ReturnUrl=%2fSuccess.aspx

Why is this so?

1
asp.net
I don't understand what it's doing. You say "while execution instead of going to success.aspx ..." What is it doing "instead of" that? - Donnie Hale
sorry 4 dat.... instead of that it remains in Login.aspx with the above specified url. - user384636
In your above code, now that it's using RedirectFromLoginPage, you should remove the SetAuthCookie and Response.Redirect calls. After you do that, if it's still having the same problem, what do you see when you step through it in the debugger. Does the FormsAuthentication.Authenticate call succeed? If so, does it make it to the RedirectFromLoginPage call? What HTTP traffic do you see (use Fiddler - fiddler2.com/fiddler2). - Donnie Hale
thank you.. problem is solved :) - user384636
It would be helpful to others if you explained what solved the problem (plus I'm curious ;). - Donnie Hale

1 Answers

1
votes

If you want to set the forms auth cookie yourself and redirect correctly based on the ReturnUrl query string parameter, you should look at the FormsAuthentication.RedirectFromLoginPage method. In your example, it would be:

FormsAuthentication.RedirectFromLoginPage(Login1.UserName, true);

That method sets the appropriate Forms auth cookie / ticket and then redirects based on the presence or absence of the ReturnUrl parameter. (If absent, it goes to the configured default page.)

Hope this helps,

Donnie