ASP.Net Authentication if ReturnURL null UserData comes empty

https://stackoverflow.com/questions/6007537

14-11-2019
|

Question

Hi there is a problem in my login page.
The scenario is,
For example i go to www.mydomain.com/admin/ its redirecting me to the login page with ReturnURL parameter like this. www.mydomain.com/login.aspx?ReturnURL=%2fAdmin%2f.
I am logging in with admin account and everything works fine.
But if i go to Login.aspx directly which means there isn't ReturnURL QueryString field.
I log in with same admin account but when i try to go www.mydomain.com/admin/ after i logged in its redirecting me back to the login page.

I'm doing navigates like this. What i am missing?

//The code block that is logging in admin.
//check if there is a ReturnURL
if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
{
    Session["UserType"] = UserTypes.UserType.Admin;
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
}
//ReturnURL doesn't exists.
else
{
    FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
    Response.Redirect("/Admin/Default.aspx");
}

Solution

Now try this. Replace your code

//check if there is a ReturnURL

    if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
    {
        Session["UserType"] = UserTypes.UserType.Admin;
        Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim(), false));
    }
    //ReturnURL doesn't exists.
    else
    {
        FormsAuthentication.SetAuthCookie(txtUserName.Text, cbUserRememberMe.Checked);
        Response.Redirect("/Admin/Default.aspx");
    }

with this one

if("Check if User Is Authentic")
{
Session["UserType"] = UserTypes.UserType.Admin;
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, cbUserRememberMe.Checked);
}

This will work for your whole code. Redirects an authenticated user back to the originally requested URL or the default URL.
Check on Default page Load event Session["UserType"] if user is Admin then redirect him to admin page

OTHER TIPS

This is a sample web.config

<configuration>
   <system.web>
   <authentication mode="Forms">
      <forms 
      name="401kApp" 
      loginUrl="/login.aspx"
      cookieless="AutoDetect"
      defaultUrl="myCustomLogin.aspx">
      <credentials passwordFormat = "SHA1">   
         <user name="UserName" 
         password="07B7F3EE06F278DB966BE960E7CBBD103DF30CA6"/>
      </credentials>   
      </forms>
   </authentication>
   </system.web>
</configuration><br/>

set defaultUrl="yourdefaultpageURL" in web.config
OR
you can use FormsAuthentication.RedirectFromLoginPage Method (String, Boolean)

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow