views:

312

answers:

2

I'm actually using ASP.Net MVC, but I think this applicable to ASP.Net as well.

Investigating how authorization works I've reached the conclusion that ASP.Net MVC generates an HttpUnauthorizedResult when the user is not authorized and should be. And then ASP.Net reads from my Web.config:

<authentication mode="Forms">
   <forms loginUrl="~/Account/LogOn" timeout="2880"/>
</authentication>

and generates the actual URL and redirect result. Or phrased in another way: Is it correct to say that the ASP.Net MVC application never generates the redirect URL?

My problem is that I want to add some stuff to the redirect URL but the only thing it seems I could do is catch the HttpUnauthorizedResult and generate the whole URL redirection from scratch. Maybe there's a method in ASP.Net that would give me the redirect based on my config file so that I don't have to read the config file myself?

+1  A: 

Try this - System.Web.Security.FormsAuthentication.RedirectToLoginPage(string extraQueryString), where extraQueryString - the query string to include with the redirect URL.

eu-ge-ne
That's definitely a step into the right direction. That method exactly can't work for me because I need the URL or the RedirectResult, I don't want to redirect right away. I've tried the LogInUrl() on the same class, but it doesn't have the ReturnUrl argument.
J. Pablo Fernández
A: 

The URL without any automatic stuff added, such as ReturnURL, just as it's configured, can be retrieved with:

System.Web.Security.FormsAuthentication.LoginUrl
J. Pablo Fernández