forms authentication returns 401 instead of going to login page

Discussion in 'ASP .Net Security' started by Andy Fish, Feb 24, 2005.

  1. Andy Fish

    Andy Fish Guest

    Hi,

    I have an app in the 1.1 framework that uses forms authentication .

    In the normal case, if the user requests a page and is not logged in, he is
    redirected to the login page. However, I have noticed that if the original
    request includes a parameter called "ReturnUrl", the server immediately
    responds with a 401 error.

    I realise that ReturnUrl is also the name of a parameter used by forms
    authentication, but I don't see why this should cause any conflict, so it
    seems this is simply a bug in the framework. I can't find any documentation
    to say that ReturnUrl is a reserved name and cannot be used as an HTTP
    request parameter.

    Does anyone know of a workaround for this (apart from not having the
    parameter called ReturnUrl)? are there any other parameter names I should
    avoid?

    TIA

    Andy
    Andy Fish, Feb 24, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. tshad
    Replies:
    4
    Views:
    596
    tshad
    Feb 1, 2005
  2. Andy Fish
    Replies:
    2
    Views:
    857
    Andy Fish
    Feb 24, 2005
  3. Pascal Blanchard
    Replies:
    0
    Views:
    235
    Pascal Blanchard
    Aug 17, 2004
  4. Pascal Blanchard
    Replies:
    1
    Views:
    270
    Pascal Blanchard
    Aug 18, 2004
  5. Replies:
    1
    Views:
    128
    ccc31807
    Mar 24, 2008
Loading...

Share This Page