Geek Answers Handbook

ASP.NET login page redirection issue

I am creating a Silverlight application hosted on an ASP.NET./ Web site with IIS7 / SSL support.
For security, I put my silverlight page inside the Members folder in an ASP.NET web application and have limited access from anonymous users (see web.config below)

when users try to access the pages in the Members folder, they are redirected to https://www.ssldemo.com/authenticationtest/login.aspx . (see web.config below) (I matched www.ssldemo.com with 127.0.0.1). for security, I switch to HTTPS in login.aspx and back to HTTP after checking. below is the code for login.aspx.cs.

    protected void Page_Load(object sender, EventArgs e)
    {
        LoginControl.LoggedIn += new EventHandler(LoginControl_LoggedIn);
    }

    void LoginControl_LoggedIn(object sender, EventArgs e)
    {
        //for going to ReturnURL & switching back to HTTP
        string serverName = HttpUtility.UrlEncode(Request.ServerVariables["SERVER_NAME"]);
        string returnURL = Request["ReturnURL"];
        Response.Redirect(ResolveClientUrl("http://" + serverName + returnURL)); 
    }

, http://www.ssldemo.com/authenticationtest/members/AnotherApplication/ http://www.ssldemo.com/authenticationtest/members/AnotherApplication/default.aspx, https://www.ssldemo.com/authenticationtest/login.aspx?ReturnUrl=%2fauthenticationtest%2fmembers%2fanotherapplication%2fdefault.aspx. , , , ReturnUrl. , , "302" ".

! .

<configuration>
<connectionStrings>
    <add name="CompanyDatabase" connectionString="Data Source=192.168.0.2;Initial Catalog=SomeTable;User ID=Username;Password=P@ssword" />
</connectionStrings>

<system.web>
    <compilation debug="true" targetFramework="4.0" />
    <authentication mode="Forms">
        <forms slidingExpiration="true" timeout="15"
               loginUrl="https://www.ssldemo.com/authenticationtest/login.aspx"
               defaultUrl="~/Members/Default.aspx"
               >
        </forms>
    </authentication>
    <!--Custom Membership Provider-->
    <membership defaultProvider="MyMembershipProvider" userIsOnlineTimeWindow="15">
        <providers>
            <clear />
            <add name="MyMembershipProvider"
                 type="AuthenticationTest.Web.MyMembershipProvider"
                 connectionStringName="CompanyDatabase"
                 applicationName="AuthenticationTest.Web"/> 
        </providers>
    </membership>
</system.web>
<!--securing folders-->
<location path="Members">
    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>
</location>    
</configuration>
+5
1

() , auth, .

, , , . , . , . Asp.Net , .

enableCrossAppRedirects = true forms. MachineKey , auth.

http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx

+3

More articles:


All Articles