tags:

views:

29

answers:

2
+1  Q: 

Identify the postback from a ASP.NET Login control

I have a <asp:Wizard> that is only applicable for a logged-out user. If the user is currently logged in, he/she is redirected to another page. On one of the wizard steps, as part of the wizard, I ask for credentials via the <asp:Login> control and log in the user. This presents a problem.

According to MSDN: "When a user uses the Login control to log in to a Web site, all data in the view state and all post data is lost. Do not perform actions in the LoggedIn event that rely on the view state."

Because of this, my Wizard control forgets the step it's on after the login process. MSDN recommends: "If you embed the Login control in a WizardStep object, explicitly set the ActiveStepIndex property in a Page_Load event handler if the user is authenticated. The Wizard control does not automatically advance to the next WizardStep object in this scenario."

However, because all view state is lost, the redirect for logged-in users kicks in, sending the user away from the page. What's the best way to determine, at page load, which of the states the user is in?

  • Already logged in some time ago; needs to be redirected.
  • Was just logged in from inside the wizard; needs to reach the next wizard step.

Thanks for any ideas.

+1  A: 

You can set a Session variable when the user logs in: Session("LoggedIn") = Now

When checking to redirect the user, check if LoggedIn was at least 3 minutes ago and then redirect. Because you set this Session variable after logging in it will be available (or maybe null if not logged in).

You might want to create a custom Login control, inheriting from Login, that sets this Session variable whenever a user logs in:

Public Class MyLogin : Inherits Login
    Private Sub MyLogin_LoggedIn() Handles Me.LoggedIn
        HttpContext.Current.Session("LoggedIn") = Now
    End Sub
End Class
Willem  2010-10-07 08:37:11
Checking time-since-login seems like the obvious route, but it's not quite foolproof, so I'd prefer another solution. A user can log in, then immediately visit this page, so the value would have to be more like 3 seconds (to catch fast users), and even then, a slow-loading page might miss the window, causing the unwanted redirect.
ChessWhiz  2010-10-07 16:55:06
Then add an event to the login control that is allowed and only let that login set a session object to prevent the redirect
Willem  2010-10-07 17:11:01
That would work, but it's a bit more complex than the solution I posted. Thanks for the idea, though!
ChessWhiz  2010-10-07 18:39:06
A: 

"A strange game. The only winning move is not to play." Reference to War Games

Instead of playing the redirect-preventing game, a different solution is possible. Since I control all links to the page in question, when the a user is logged in, I can change the destination (href) of those links to the post-redirect page. This bypasses the need to "play" on the page itself, and allows the page, if hit by a logged-in user, to always jump to appropriate next wizard step.

ChessWhiz  2010-10-07 17:08:23

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps