redirecting from another page besides the login page



We have forms authentication working on a website. A user is presented the
login page where he can login or press a button to go to the Registration

In the Registration page, he puts in his data and submits it. If
successful, he is taken to the login page to reenter is his username,
password. Can we elminate this second step without compromising security?
That is have the system login a user?

I attempted to redirect him from the Registration page, but forms
authentication will not allow that.

The code to do the redirections is very simple:

Private Sub RedirectUser(ByVal strUserName As String)

Dim strReturnURL As String = Request.QueryString.Item("ReturnUrl")
'create authentication ticket
Dim authTicket As New FormsAuthenticationTicket(1, strUserName,
DateTime.Now, DateTime.Now.AddMinutes(20), False, Session("WebRoles"))

'Create encrypted string representation of ticket
Dim strEncryptedTicket As String
strEncryptedTicket = FormsAuthentication.Encrypt(authTicket)
Catch ex As Exception
Session("StringEncrptFailed") = ex.Message
End Try

'Store it within a HttpCookie Object
Dim authCookie As New
HttpCookie(FormsAuthentication.FormsCookieName, strEncryptedTicket)
Dim strCookiePath As String = authCookie.Path
'Add it the cookie to the outgoing cookie collection
Catch ex As Exception
Session("CookieAddFailed") = ex.Message
End Try

'Redirect the request

End Sub




I think the answer to this problem is when the user sucessfully add himself
the following lines of code are executed:

FormsAuthentication.SetAuthCookie(tbEmail.Text, False)

I just want to make sure no compromise is made in security. Is there?

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question