asp.net Forms Authentication Issue
Hello Everyone,
I am having an issue with my forms authentication with Sitefinity 4.3. What I am trying to do is create a public/private website. The public section is one page and the private section is one page. I have an ASP.Net Login Control on the public section and set up everything in Web.Config to secure the private section.
Web.Config
<
authentication
mode
=
"Forms"
>
<
forms
name
=
".ASPXAUTH"
protection
=
"All"
loginUrl
=
"/Default"
defaultUrl
=
"/LoggedIn"
/>
</
authentication
>
<
location
path
=
"LoggedIn"
>
<
system.web
>
<
authorization
>
<
deny
users
=
"?"
/>
</
authorization
>
</
system.web
>
</
location
>
protected
void
Page_Load(
object
sender, EventArgs e)
this
.Login1.Authenticate += Login1_Authenticate;
accountService =
new
AccountService();
protected
void
Login1_Authenticate(
object
sender, AuthenticateEventArgs e)
e.Authenticated =
true
;
Login1.FailureText =
"There was an error"
;
FormsAuthentication.SetAuthCookie(HttpContext.Current.User.Identity.Name, Login1.RememberMeSet);
Response.Redirect(
""
);
// Private URL Redirection
Hi Rushman,
Did you try adding this to your Global.asax.cs file:
protected
void
Application_Error(
object
sender, EventArgs e)
var currentPage = HttpContext.Current.Request.Url.ToString();
Exception ex = Server.GetLastError();
if
(ex
is
HttpException)
HttpException httpEx = ex
as
HttpException;
if
(httpEx.Message ==
"You are not authorized to access this page"
)
Response.Redirect(
"~/login-page?ReturnUrl="
+ currentPage);
Server.ClearError();
Lubomir,
Thank you for your reply, but I am not having an issue with stopping someone from getting to the private section, the issue that I am having is that when I log in I am not being redirected to the private section.
When I enter my username and password (both good and I know that they work), I get an authentication cookie created, but the system redirects me back to the 'Login' page (the public section) and in the Url I get this: /Default?ReturnUrl=%2fLoggedIn.
If I am authenticated, then why aren't I able to see the private section (LoggedIn)? Is there a special way for me to use ASP.Net Forms Authentication with Sitefinity? Do I have to use Sitefinity to authenticate? If so how do I authenticate 2000+ users?
Any help would be greatly appreciated.
Thanks,
Tim
Hi Tim,
You can allow only certain roles to access a certain page. If you are logged in but not a member of the allowed role, using the code I sent you you should get a hit on Application_Error, where you should be redirected to your login page. If you use our standard Login control, passing the following parameter to the page with the control - ReturnUrl=<yoururl> will trigger an automatic redirect to this page after a successful login.
All the best,