newbie: help with Forms Authentication & querystring

Discussion in 'ASP .Net' started by Derrick, Oct 5, 2004.

  1. Derrick

    Derrick Guest

    Hello all;

    Just starting out with ASP.NET. I want to protect a bunch of forms in a
    folder using Forms Authentication. This much I have working. So when user
    trys to access www.mywebsiteURL.com/securefolder/securepage.aspx they are
    automatically routed to www.mywebsiteURL.com/securefolder/login.aspx.

    As part of the login process, I download the user's unique identifier
    (user_id) from a SQL DB. I want other pages to have access to this
    information (in case they need to go to the DB again), without using
    cookies. I figured the best method was to stick the ID in the URL as a
    querystring parameter. But my question is, how can the login page append
    this querystring to the URL, if the URL currently does not have any
    querystring parameters?

    I.e., user surfs to the www.mywebsiteURL.com/securefolder/securepage.aspx
    page, gets directed to www.mywebsiteURL.com/securefolder/login.aspx, and in
    turn should get routed to
    www.mywebsiteURL.com/securefolder/securepage.aspx?user_id=12. The
    FormsAuthentication.GetRedirectURL is (obviously) read-only - is there any
    way to change it? I also tried catching the Authenticated event and doing
    Response.Redirect, but that event isn't being fired for some reason...

    I've googled with no luck :(

    Thanks!

    Derrick
    Derrick, Oct 5, 2004
    #1
    1. Advertising

  2. Derrick

    Derrick Guest

    PS: I'm calling the FormsAuthentication.RedirectFromLoginPage() function
    after I validate the username/password. Is this necessary?

    I guess in theory I could manually call FormsAuthentication.SetAuthCookie()
    and then do a Response.Redirect(), generating the redirect URL from the
    FormsAuthentication.GetRedirectURL() and appending the user_id
    querystring...

    I need a good book! :)

    D

    "Derrick" <> wrote in message
    news:pMz8d.13372$...
    > Hello all;
    >
    > Just starting out with ASP.NET. I want to protect a bunch of forms in a
    > folder using Forms Authentication. This much I have working. So when

    user
    > trys to access www.mywebsiteURL.com/securefolder/securepage.aspx they are
    > automatically routed to www.mywebsiteURL.com/securefolder/login.aspx.
    >
    > As part of the login process, I download the user's unique identifier
    > (user_id) from a SQL DB. I want other pages to have access to this
    > information (in case they need to go to the DB again), without using
    > cookies. I figured the best method was to stick the ID in the URL as a
    > querystring parameter. But my question is, how can the login page append
    > this querystring to the URL, if the URL currently does not have any
    > querystring parameters?
    >
    > I.e., user surfs to the www.mywebsiteURL.com/securefolder/securepage.aspx
    > page, gets directed to www.mywebsiteURL.com/securefolder/login.aspx, and

    in
    > turn should get routed to
    > www.mywebsiteURL.com/securefolder/securepage.aspx?user_id=12. The
    > FormsAuthentication.GetRedirectURL is (obviously) read-only - is there any
    > way to change it? I also tried catching the Authenticated event and doing
    > Response.Redirect, but that event isn't being fired for some reason...
    >
    > I've googled with no luck :(
    >
    > Thanks!
    >
    > Derrick
    >
    >
    >
    Derrick, Oct 5, 2004
    #2
    1. Advertising

  3. Derrick

    Derrick Guest

    That worked! Thanks for reading :)

    Derrick


    "Derrick" <> wrote in message
    news:B3A8d.13475$...
    > PS: I'm calling the FormsAuthentication.RedirectFromLoginPage() function
    > after I validate the username/password. Is this necessary?
    >
    > I guess in theory I could manually call

    FormsAuthentication.SetAuthCookie()
    > and then do a Response.Redirect(), generating the redirect URL from the
    > FormsAuthentication.GetRedirectURL() and appending the user_id
    > querystring...
    >
    > I need a good book! :)
    >
    > D
    >
    > "Derrick" <> wrote in message
    > news:pMz8d.13372$...
    > > Hello all;
    > >
    > > Just starting out with ASP.NET. I want to protect a bunch of forms in a
    > > folder using Forms Authentication. This much I have working. So when

    > user
    > > trys to access www.mywebsiteURL.com/securefolder/securepage.aspx they

    are
    > > automatically routed to www.mywebsiteURL.com/securefolder/login.aspx.
    > >
    > > As part of the login process, I download the user's unique identifier
    > > (user_id) from a SQL DB. I want other pages to have access to this
    > > information (in case they need to go to the DB again), without using
    > > cookies. I figured the best method was to stick the ID in the URL as a
    > > querystring parameter. But my question is, how can the login page

    append
    > > this querystring to the URL, if the URL currently does not have any
    > > querystring parameters?
    > >
    > > I.e., user surfs to the

    www.mywebsiteURL.com/securefolder/securepage.aspx
    > > page, gets directed to www.mywebsiteURL.com/securefolder/login.aspx, and

    > in
    > > turn should get routed to
    > > www.mywebsiteURL.com/securefolder/securepage.aspx?user_id=12. The
    > > FormsAuthentication.GetRedirectURL is (obviously) read-only - is there

    any
    > > way to change it? I also tried catching the Authenticated event and

    doing
    > > Response.Redirect, but that event isn't being fired for some reason...
    > >
    > > I've googled with no luck :(
    > >
    > > Thanks!
    > >
    > > Derrick
    > >
    > >
    > >

    >
    >
    Derrick, Oct 5, 2004
    #3
  4. Such a pleasure sitting here watching people think.... <grin>

    "Derrick" wrote:

    > That worked! Thanks for reading :)
    >
    > Derrick
    >
    >
    > "Derrick" <> wrote in message
    > news:B3A8d.13475$...
    > > PS: I'm calling the FormsAuthentication.RedirectFromLoginPage() function
    > > after I validate the username/password. Is this necessary?
    > >
    > > I guess in theory I could manually call

    > FormsAuthentication.SetAuthCookie()
    > > and then do a Response.Redirect(), generating the redirect URL from the
    > > FormsAuthentication.GetRedirectURL() and appending the user_id
    > > querystring...
    > >
    > > I need a good book! :)
    > >
    > > D
    > >
    > > "Derrick" <> wrote in message
    > > news:pMz8d.13372$...
    > > > Hello all;
    > > >
    > > > Just starting out with ASP.NET. I want to protect a bunch of forms in a
    > > > folder using Forms Authentication. This much I have working. So when

    > > user
    > > > trys to access www.mywebsiteURL.com/securefolder/securepage.aspx they

    > are
    > > > automatically routed to www.mywebsiteURL.com/securefolder/login.aspx.
    > > >
    > > > As part of the login process, I download the user's unique identifier
    > > > (user_id) from a SQL DB. I want other pages to have access to this
    > > > information (in case they need to go to the DB again), without using
    > > > cookies. I figured the best method was to stick the ID in the URL as a
    > > > querystring parameter. But my question is, how can the login page

    > append
    > > > this querystring to the URL, if the URL currently does not have any
    > > > querystring parameters?
    > > >
    > > > I.e., user surfs to the

    > www.mywebsiteURL.com/securefolder/securepage.aspx
    > > > page, gets directed to www.mywebsiteURL.com/securefolder/login.aspx, and

    > > in
    > > > turn should get routed to
    > > > www.mywebsiteURL.com/securefolder/securepage.aspx?user_id=12. The
    > > > FormsAuthentication.GetRedirectURL is (obviously) read-only - is there

    > any
    > > > way to change it? I also tried catching the Authenticated event and

    > doing
    > > > Response.Redirect, but that event isn't being fired for some reason...
    > > >
    > > > I've googled with no luck :(
    > > >
    > > > Thanks!
    > > >
    > > > Derrick
    > > >
    > > >
    > > >

    > >
    > >

    >
    >
    >
    =?Utf-8?B?S2VuIENveCBbTWljcm9zb2Z0IE1WUF0=?=, Oct 5, 2004
    #4
  5. Derrick

    Derrick Guest

    I really was stuck on this for a few hours. But I figure it is better to
    come up with a solution myself while asking a question than to give up and
    wait for you experts to solve my relatively little problems...I swear the
    'net has us all spoiled (note the irony in posting to an ASP.NET group!)

    Again, thanks for reading!

    Derrick


    "Ken Cox [Microsoft MVP]" <> wrote in message
    news:...
    > Such a pleasure sitting here watching people think.... <grin>
    >
    > "Derrick" wrote:
    >
    > > That worked! Thanks for reading :)
    > >
    > > Derrick
    > >
    > >
    > > "Derrick" <> wrote in message
    > > news:B3A8d.13475$...
    > > > PS: I'm calling the FormsAuthentication.RedirectFromLoginPage()

    function
    > > > after I validate the username/password. Is this necessary?
    > > >
    > > > I guess in theory I could manually call

    > > FormsAuthentication.SetAuthCookie()
    > > > and then do a Response.Redirect(), generating the redirect URL from

    the
    > > > FormsAuthentication.GetRedirectURL() and appending the user_id
    > > > querystring...
    > > >
    > > > I need a good book! :)
    > > >
    > > > D
    > > >
    > > > "Derrick" <> wrote in message
    > > > news:pMz8d.13372$...
    > > > > Hello all;
    > > > >
    > > > > Just starting out with ASP.NET. I want to protect a bunch of forms

    in a
    > > > > folder using Forms Authentication. This much I have working. So

    when
    > > > user
    > > > > trys to access www.mywebsiteURL.com/securefolder/securepage.aspx

    they
    > > are
    > > > > automatically routed to

    www.mywebsiteURL.com/securefolder/login.aspx.
    > > > >
    > > > > As part of the login process, I download the user's unique

    identifier
    > > > > (user_id) from a SQL DB. I want other pages to have access to this
    > > > > information (in case they need to go to the DB again), without using
    > > > > cookies. I figured the best method was to stick the ID in the URL

    as a
    > > > > querystring parameter. But my question is, how can the login page

    > > append
    > > > > this querystring to the URL, if the URL currently does not have any
    > > > > querystring parameters?
    > > > >
    > > > > I.e., user surfs to the

    > > www.mywebsiteURL.com/securefolder/securepage.aspx
    > > > > page, gets directed to www.mywebsiteURL.com/securefolder/login.aspx,

    and
    > > > in
    > > > > turn should get routed to
    > > > > www.mywebsiteURL.com/securefolder/securepage.aspx?user_id=12. The
    > > > > FormsAuthentication.GetRedirectURL is (obviously) read-only - is

    there
    > > any
    > > > > way to change it? I also tried catching the Authenticated event and

    > > doing
    > > > > Response.Redirect, but that event isn't being fired for some

    reason...
    > > > >
    > > > > I've googled with no luck :(
    > > > >
    > > > > Thanks!
    > > > >
    > > > > Derrick
    > > > >
    > > > >
    > > > >
    > > >
    > > >

    > >
    > >
    > >
    Derrick, Oct 5, 2004
    #5
  6. Derrick

    navyjax2

    Joined:
    Sep 20, 2008
    Messages:
    11
    Code?

    I'm having the same issue and am probably more of a noob to Forms Authentication redirects than you are. Any chance you'd be willing to share what you did in code form?
    navyjax2, Nov 28, 2011
    #6
  7. Derrick

    navyjax2

    Joined:
    Sep 20, 2008
    Messages:
    11
    Redirect with a QueryString Parameter

    Actually, like my collegue above, I solved it on my own. This is in my Page_Load routine, where "DBAuthenticate()" is my method that returns the user ID if the stored procedure finds a match in the Users table for the UserName and Password values from the textboxes on the screen:

    Code:
            if (IsPostBack)
            {
                int userID = DBAuthenticate();
                if (userID > 0)
                {
                    string redirectUrl = "";
                    string url = HttpContext.Current.Request.Url.ToString();
                    string[] baseUrl = url.Split('/');
                    for (int i = 0; i < baseUrl.Length-1; i++)
                    {
                        redirectUrl += baseUrl[i] + "/";
                    }
                   // FormsAuthentication.RedirectFromLoginPage(txtUser.Text, false); // won't allow QueryString
                    FormsAuthentication.SetAuthCookie(txtUser.Text, false);
                    Response.Redirect(redirectUrl + "Default.aspx?UserID=" + userID); // ViewState doesn't persist to Default.aspx
                }
            }
    HTH, Tom
    Last edited: Nov 28, 2011
    navyjax2, Nov 28, 2011
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,405
    Tommy
    Feb 13, 2004
  2. Mehdi
    Replies:
    6
    Views:
    36,075
    sloan
    Apr 6, 2006
  3. Replies:
    2
    Views:
    1,652
    ytkaczyk
    Aug 20, 2008
  4. Eric
    Replies:
    2
    Views:
    467
  5. Adeel Ahmad
    Replies:
    1
    Views:
    363
    Anthony Jones
    Mar 7, 2006
Loading...

Share This Page