Forms authentication & frames

G

G-Fit

Hello group,

I use Forms Authentication in an intranet website. This website has a
framed default.aspx page : one left frame for a menu, one right frame for
the content. The menu depends on the authentication (i.e. each user won't
see the same menu) : for this, I use another cookie (let's call it the
user_id cookie).
If a user identifies him/herself, closes the browser, and comes back
after the authentication cookie has expired, he is redirected to the login
page. Fine.
On session start, I check if the user_id cookie exists and if it is not
expired (without this the menu would fail to build). Otherwise, I do a
FormsAuthentication.SignOut(). And here comes the problem : the login page
appears in the left frame, instead of taking all the page. My login page
being larger than the frame, the result is awful.
Any idea on what I could do to force the login page to appear 'normally'
?

Karine Proot
G-Fit
 
G

G-Fit

Some code provided in case it can help understand what I'm doing :

in Web.config :
<authentication mode="Forms">

<forms name=".FaF_login" loginUrl="login.aspx" protection="All" timeout="30"
path="/" />

</authentication>



in my login.aspx codebehind :

HttpCookie cookie = new HttpCookie(".FaF_userid");

cookie.Value = reader["CTC_ID"].ToString();

cookie.Expires = DateTime.Now.AddHours(8);

Response.Cookies.Add(cookie);

FormsAuthentication.RedirectFromLoginPage (txtLogin.Text, true);
 
S

Steven Cheng[MSFT]

Hi G-Fit,

From your description, you are using the FormsAuthentication and the web
application is frame based. When the user's authentcation token has expired
and be redirected to the login page. The login page sometimes occur in the
left frame rather than the top frame which maked the whole page very ugly.
So you're wondering how to make the login page display in the top leve
frame no matter what the original location it's located , yes?

I've also occured such problem before and my solution is to use a client
script block in the "login.aspx" page to detect whether the login page is
at the top frame. And execute the script when at the client side's onload
event. For example, in the login page we put the below function in <head>
area:

.....
<script language="javascript">
function goTopFrame()
{
if(window != window.top)
{
window.top.location.href = window.location.href;
}
}
</script>
</head>

Then, use in the body's onload:

<body onload="goTopFrame()" >

Thus, when the login page is loaded it'll detect whether it is located in
the top window. if not, set the top window's location as the login page.
How do you think of this?

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 
G

G-Fit

Hi Steven,

Thanks a lot for your solution, which works great. I'm sorry as this was not
dotnet-related and only needed a bit of javascript, thank you for taking
your time answering me.
Karine
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Authentication and Frames 2
FormsAuthentication cookie 2
Cookies, Session State, and Multiple users 1
Event called when forms authentication cookie expires 2
Forms Authentication Redirecting to Login 1
Forms authentication failed - ticket supplied has expired 7
ASP.NET Forms Authentication Cookie 3
Forms authentication problems 2

Top