FormsAuthentication redirect after timeout

Discussion in 'ASP .Net' started by christine.nguyen@gmail.com, Feb 5, 2008.

  1. Guest

    I am using Forms Authentication under Windows Server 2003 in .NET
    2.0. It appears that the auth ticket is expiring when it's supposed
    to but it doesn't automatically redirect the user to the login page.
    Here is some watered down sample code I had to put in the onLoad of my
    page in order to properly redirect the user upon expiration of the
    login. It appears that once the auth ticket is expired, the name of
    the Identity is lost (which makes sense) and then I redirect the user.

    protected override void OnLoad(EventArgs e)
    string userName = HttpContext.Current.User.Identity.Name;
    if(String.IsNullOrEmpty(userName)
    Response.Redirect(redirectUrl);
    }

    My question is whether I really have to include such code in my page
    to handle the the empty Identity name or should the framework be
    redirecting on its own once the auth ticket has expired and the
    identity name is empty?

    Thanks,
    Christine
     
    , Feb 5, 2008
    #1
    1. Advertising

  2. specifying the login url in the web.config file should solve your problem.
    by doing that the user will be automatically redirected to the login page at
    his/her first request to a secured path.

    <forms name=".aspxlogin" loginUrl="~/Login.aspx" />

    --
    Misbah Arefin

    <> wrote in message
    news:...
    > I am using Forms Authentication under Windows Server 2003 in .NET
    > 2.0. It appears that the auth ticket is expiring when it's supposed
    > to but it doesn't automatically redirect the user to the login page.
    > Here is some watered down sample code I had to put in the onLoad of my
    > page in order to properly redirect the user upon expiration of the
    > login. It appears that once the auth ticket is expired, the name of
    > the Identity is lost (which makes sense) and then I redirect the user.
    >
    > protected override void OnLoad(EventArgs e)
    > string userName = HttpContext.Current.User.Identity.Name;
    > if(String.IsNullOrEmpty(userName)
    > Response.Redirect(redirectUrl);
    > }
    >
    > My question is whether I really have to include such code in my page
    > to handle the the empty Identity name or should the framework be
    > redirecting on its own once the auth ticket has expired and the
    > identity name is empty?
    >
    > Thanks,
    > Christine
    >
     
    Misbah Arefin, Feb 5, 2008
    #2
    1. Advertising

  3. Guest

    Hello,

    I do specify the login url in web.config, but for whatever reason it
    doesn't redirect upon timeout when a secured resource is accessed.
    Instead it throws an exception when I try to access and use the value
    in HttpContext.Current.User.Identity.Name (which is now empty). This
    is why i put code into the onLoad in order to prevent the exception.
    Is there a reason why it wouldn't redirect even though I have the
    login url specified in web.config?

    Thanks,
    Christine
     
    , Feb 5, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Danny
    Replies:
    1
    Views:
    1,381
    Craig Deelsnyder
    Jun 17, 2004
  2. =?Utf-8?B?Q3JhaWc=?=

    formsauthentication timeout & session timeout

    =?Utf-8?B?Q3JhaWc=?=, Aug 10, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    2,706
    =?Utf-8?B?RU5JWklO?= .enizin.net>
    Aug 10, 2005
  3. Replies:
    6
    Views:
    1,733
    Coskun SUNALI [MVP]
    Feb 6, 2008
  4. Danny
    Replies:
    0
    Views:
    161
    Danny
    Jun 17, 2004
  5. Mark Probert

    Timeout::timeout and Socket timeout

    Mark Probert, Oct 6, 2004, in forum: Ruby
    Replies:
    1
    Views:
    1,351
    Brian Candler
    Oct 6, 2004
Loading...

Share This Page