Claims authentication custom login page not redirecting to ReturnUrl
I am running SiteFinity 6.3 with claims based authentication. I have created a custom login page and set the FrontEndLoginPageUrl to redirect to that page. The redirect is working fine and users can log in, however after the user logs in they are not redirected to the ReturnUrl property in the querystring. Instead they are redirected back to the login page. I did some debugging in the javascript and tracked the problem down to this function:
_getRedirectUrl: function (paramString)
var returnUrl;
var docUrl = this._getReturnLocation();
var handleRejectedUserParam = this.get_handleRejectedUserParam();
var currentLocation = window.location.href;
var separator = "?";
if (currentLocation.indexOf("?") != -1)
separator = "&";
returnUrl = currentLocation + separator + paramString + "&" + handleRejectedUserParam + "=true";
var returnUrlParam = this.get_returnUrlParam();
if (currentLocation.indexOf(returnUrlParam) < 0)
returnUrl += "&" + this.get_returnUrlParam() + "=" + encodeURIComponent(docUrl);
return returnUrl;
The docUrl has the correct url for the page they should be redirected to however as you can see they are actually redirected to the currentLocation variable which is the login page. Is this a bug or is there a settings i have missed that caused the code to generate this way?
Thanks
David
Hello David,
This is the correct behavior of the JavaScript method mentioned.
Could you give us some more information regarding this issue?
When you mentioned other widgets I realized I had a login/logout widget on my master page. Removing that fixes the issue. I seem to recall a post somewhere about a similar issue with the login/logout button causing issues that i looked at while researching another issue but i haven't been able to track it down yet. Is there a way for these two widgets to coexist or do I need to write a custom login/logout widget?
Hi David,
You can try to add the code below in the InitializeControls() method of your custom login widget in order to redirect the successfully logged in user to the page specified in the returnUrl property in the query string:
var returnUrl = HttpContext.Current.Request.QueryString[
"ReturnUrl"
];
if
(ClaimsManager.GetCurrentIdentity().IsAuthenticated &&
!
string
.IsNullOrWhiteSpace(returnUrl))
currentContext.Response.Redirect(returnUrl,
true
);
I actually ended up just creating a separate master page for my login page that does not have the login/logout widget on it but that would be an effective work around. I also opened a ticket with Telerik and they said this is a known bug that should be fixed in a future release.