I m using "FormsAuthentication" in Asp.net coded in C#.net to validate the users , I m maintaining username in sessions to processing , the problem is when i copy the URL and paste in Firefox Browser its not Redirecting to Login page, But it is working fine in Case of IE browser. I m checking the sessions values and Redirecting to Login when it is not authenticated its works only for IE. I need for Firefox Browser. Could any suggest me some method.
A:
do you use: if (User.Identity.IsAuthenticated)
you don't have to store it in a session. you can access the user object :)
and did you use FormsAuthentication.RedirectFromLoginPage() and/or
if (!User.Identity.IsAuthenticated)
FormsAuthentication.RedirectToLoginPage()
if you use the login control do you have something in the code like this on the onclick of the asp:login control:
if (FormsAuthentication.Authenticate(username.Text, password.Text))
FormsAuthentication.RedirectFromLoginPage(username.Text, true);
and something like this in the web.config:
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="devhood" password="password"/>
<user name="someguy" password="password"/>
</credentials>
</forms>
</authentication>
</system.web>
</configuration>
JP Hellemons
2009-10-01 09:56:16
I have a usercontrol for Menus, there i placed this code if(!HttpContext.Current.User.Identity.IsAuthenticated) FormsAuthentication.RedirectToLoginPage();but still it is not working. How to modify it, FireFox is storing Session values that s the trouble i think, how to resolve it.plz
GayaMani
2009-10-01 10:18:33
how do you authenticate? can you post the code for it plz?
JP Hellemons
2009-10-01 11:40:30
In the WebForms i m checking Like this: if (User.Identity.IsAuthenticated) { if ((Session["strRole"] != null iUserID = Convert.ToInt32(Session["iUserID"]); } else FormsAuthentication.RedirectToLoginPage(); } else FormsAuthentication.RedirectToLoginPage();
GayaMani
2009-10-01 12:19:09
hi capsoft, In User control I m Checking like this: if(!HttpContext.Current.User.Identity.IsAuthenticated) FormsAuthentication.RedirectToLoginPage();
GayaMani
2009-10-01 12:25:06
@masilami ok, but how do you set the cookie on the login? do you use the <asp:login ... control? do you have events to that control?
JP Hellemons
2009-10-02 03:47:08
I m not using cookies but instead placing the values in sessions. and I dont use Login control too
GayaMani
2009-10-03 06:06:01
@masilami it's ok if you don't use the asp:login but you should use: FormsAuthentication.RedirectFromLoginPage(username.Text, true);
JP Hellemons
2009-10-05 07:34:59
Hi Caspsoft , thanks for ur suggestions , its working previously i left the second parameter so it was troubling me but now its working .. Thanks 4 ur help
GayaMani
2009-10-07 06:02:59
@masilamani your welcome
JP Hellemons
2009-10-07 07:10:32
A:
If you are using FormsAuthentication, I recommend not to merge with Session. This combination gave us lot of pain in past. When you are using FormsAuthentication you can call Membership.GetUser() which will return you with the MembershipUser object of currently logged in user and if the user is not logged-in, it will return null.
So you can bind your redirect logic around this and check if the user is logged-in or not. Yes you can keep the Username in session for some other purpose.
this. __curious_geek
2009-10-01 09:58:03