How to change a redirect when using forms-based authentication

[Guest]

Depending on user permissions, I would like to be able to change a redirect
to disallow certain users from going to a bookmarked page for which they
should have no access. Is there a way to modify the redirect in the
<LoginControl>_LoggedIn event?

 

[PeterKellner]

Depending on user permissions, I would like to be able to change a redirect
to disallow certain users from going to a bookmarked page for which they
should have no access. Is there a way to modify the redirect in the
<LoginControl>_LoggedIn event?

I think what you are wanting to do is check in the page_load event of
your aspx page. That is, after the authentication has already been
done earlier in the pipeline. What I always do is to check this:

IPrincipal iPrincipal = HttpContext.Current.User;
if (!iPrincipal.Identity.IsAuthenticated)
{
response.redirect...

This way, since I'm looking directly at the cookie I don't have to do
a sql access using Membership.GetUser().

You can also look for roles that are authorized at this point. (that
does take some sql queries though.)

Good luck
Peter Kellner
http://peterkellner.net

 

[Guest]

I am trying to avoid adding redirect logic to every page_load event by
handling the redirect directly after the login session.