Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / General / February 2008

Tip: Looking for answers? Try searching our database.

FormsAuthentication redirect after timeout

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
christine.nguyen@gmail.com - 05 Feb 2008 17:22 GMT
I am using Forms Authentication under Windows Server 2003 in .NET
2.0.  It appears that the auth ticket is expiring when it's supposed
to but it doesn't automatically redirect the user to the login page.
Here is some watered down sample code I had to put in the onLoad of my
page in order to properly redirect the user upon expiration of the
login.  It appears that once the auth ticket is expired, the name of
the Identity is lost (which makes sense) and then I redirect the user.

protected override void OnLoad(EventArgs e)
 string userName = HttpContext.Current.User.Identity.Name;
 if(String.IsNullOrEmpty(userName)
     Response.Redirect(redirectUrl);
}

My question is whether I really have to include such code in my page
to handle the the empty Identity name or should the framework be
redirecting on its own once the auth ticket has expired and the
identity name is empty?

Thanks,
Christine
Reply to this Message
Misbah Arefin - 05 Feb 2008 18:13 GMT
specifying the login url in the web.config file should solve your problem.
by doing that the user will be automatically redirected to the login page at
his/her first request to a secured path.

<forms name=".aspxlogin" loginUrl="~/Login.aspx" />

--
Misbah Arefin

> I am using Forms Authentication under Windows Server 2003 in .NET
> 2.0.  It appears that the auth ticket is expiring when it's supposed
[quoted text clipped - 17 lines]
> Thanks,
> Christine
Reply to this Message
christine.nguyen@gmail.com - 05 Feb 2008 22:22 GMT
Hello,

I do specify the login url in web.config, but for whatever reason it
doesn't redirect upon timeout when a secured resource is accessed.
Instead it throws an exception when I try to access and use the value
in HttpContext.Current.User.Identity.Name (which is now empty). This
is why i put code into the onLoad in order to prevent the exception.
Is there a reason why it wouldn't redirect even though I have the
login url specified in web.config?

Thanks,
Christine
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.