Re: Forms authentication login page

Discussion in 'ASP .Net' started by John Saunders, Aug 28, 2003.

  1. "Jerry III" <> wrote in message
    news:%...
    > Is there a way to change ASP.NET forms authentication from redirecting to
    > the login page and just use Server.Transfer to it instead?


    No. That wouldn't work. It has to redirect because that's when it sends the
    login cookie.
    --
    John Saunders
    Internet Engineer
     
    John Saunders, Aug 28, 2003
    #1
    1. Advertising

  2. John Saunders

    Jerry III Guest

    It sends the login cookie BEFORE you enter your user name and password?
    What's in it?

    Jerry

    "John Saunders" <> wrote in message
    news:%...
    > "Jerry III" <> wrote in message
    > news:%...
    > > Is there a way to change ASP.NET forms authentication from redirecting

    to
    > > the login page and just use Server.Transfer to it instead?

    >
    > No. That wouldn't work. It has to redirect because that's when it sends

    the
    > login cookie.
    > --
    > John Saunders
    > Internet Engineer
    >
    >
    >
     
    Jerry III, Aug 28, 2003
    #2
    1. Advertising

  3. "Jerry III" <> wrote in message
    news:...
    > It sends the login cookie BEFORE you enter your user name and password?
    > What's in it?
    >


    No. After you enter your username and password and click "Ok", you validate
    the username and password and if valid, call RedirectToLoginPage(...). That
    puts the login cookie into Response.Cookies and then redirects to the
    originally-requested page. The redirect sets the login cookie, and when the
    client requests the original page (due to the redirect), it will send the
    login cookie.
    --
    John Saunders
    Internet Engineer
     
    John Saunders, Aug 28, 2003
    #3
  4. John Saunders

    Jerry III Guest

    I know that. That's why I would like the original request (the one where
    you're not authenticated yet, NOT the request submitting your name/password)
    not to be redirected to the login page but rather have the server to do
    Server.Transfer to that page. There's absolutely no need for the redirect.

    Jerry

    "John Saunders" <> wrote in message
    news:OgEP$...
    > "Jerry III" <> wrote in message
    > news:...
    > > It sends the login cookie BEFORE you enter your user name and password?
    > > What's in it?
    > >

    >
    > No. After you enter your username and password and click "Ok", you

    validate
    > the username and password and if valid, call RedirectToLoginPage(...).

    That
    > puts the login cookie into Response.Cookies and then redirects to the
    > originally-requested page. The redirect sets the login cookie, and when

    the
    > client requests the original page (due to the redirect), it will send the
    > login cookie.
    > --
    > John Saunders
    > Internet Engineer
    >
    >
    >
     
    Jerry III, Aug 29, 2003
    #4
  5. "Jerry III" <> wrote in message
    news:...
    > I know that. That's why I would like the original request (the one where
    > you're not authenticated yet, NOT the request submitting your

    name/password)
    > not to be redirected to the login page but rather have the server to do
    > Server.Transfer to that page. There's absolutely no need for the redirect.


    Jerry, the original request doesn't have a page to Server.Transfer _from_!
    When the Url Authorization module detects that the user doesn't have access
    to the page, it returns a 403 error. The Forms Authentication module sees
    this and redirects to the login page.

    Note that no handler was executed on this first request, so there's no place
    to Server.Transfer _from_.
    --
    John Saunders
    Internet Engineer
     
    John Saunders, Aug 29, 2003
    #5
  6. John Saunders

    Jerry III Guest

    Ok, I agree there's nothing to transfer from but still: the first request
    comes to the ASP.NET ISAPI filter (the request processor in java speak). It
    checks if the user is authorized (in forms authentication it checks if the
    cookie exists and is valid) and if not it sends a redirect (NOT 403 error,
    that's sent for Basic and Digest authentication, not for forms). I would
    like it to process the login page at this point instead of sending the
    redirect, the request processor knows what page that is and there really
    isn't a reason not to process it directly instead of redirecting to it.

    Jerry

    "John Saunders" <> wrote in message
    news:...
    > "Jerry III" <> wrote in message
    > news:...
    > > I know that. That's why I would like the original request (the one where
    > > you're not authenticated yet, NOT the request submitting your

    > name/password)
    > > not to be redirected to the login page but rather have the server to do
    > > Server.Transfer to that page. There's absolutely no need for the

    redirect.
    >
    > Jerry, the original request doesn't have a page to Server.Transfer _from_!
    > When the Url Authorization module detects that the user doesn't have

    access
    > to the page, it returns a 403 error. The Forms Authentication module sees
    > this and redirects to the login page.
    >
    > Note that no handler was executed on this first request, so there's no

    place
    > to Server.Transfer _from_.
    > --
    > John Saunders
    > Internet Engineer
    >
    >
    >
     
    Jerry III, Aug 29, 2003
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,484
    Tommy
    Feb 13, 2004
  2. Pascal Blanchard
    Replies:
    0
    Views:
    248
    Pascal Blanchard
    Aug 17, 2004
  3. Pascal Blanchard
    Replies:
    1
    Views:
    280
    Pascal Blanchard
    Aug 18, 2004
  4. Keltex
    Replies:
    1
    Views:
    404
    Dominick Baier [DevelopMentor]
    Jan 24, 2006
  5. Eric
    Replies:
    2
    Views:
    539
Loading...

Share This Page