如果ReturnURL为null，则ASP.Net身份验证UserData为空 [英] ASP.Net Authentication if ReturnURL is null UserData comes empty

问题描述

我的登录页面有问题.

情况是，

例如，我转到www.mydomain.com/admin/，将其重定向到具有ReturnURL参数的登录页面，如下所示. www.mydomain.com/login.aspx?ReturnURL=%2fAdmin%2f.

我使用管理员帐户登录，一切正常.

但是，如果我直接进入Login.aspx，这意味着没有ReturnURL QueryString字段.

我使用相同的管理员帐户登录，但是当我尝试登录www.mydomain.com/admin/后，将其重定向到登录页面.

我正在像这样导航.我想念的是什么?

Hi there is a problem in my login page.

The scenario is,

For example i go to www.mydomain.com/admin/ its redirecting me to the login page with ReturnURL parameter like this. www.mydomain.com/login.aspx?ReturnURL=%2fAdmin%2f.

I am logging in with admin account and everything works fine.

But if i go to Login.aspx directly which means there isn''t ReturnURL QueryString field.

I log in with same admin account but when i try to go www.mydomain.com/admin/ after i logged in its redirecting me back to the login page.

I''m doing navigates like this. What i am missing?

//check if there is a ReturnURL
if (QueryStringTool.IsExistAndNotNull("ReturnURL"))
{
    string returnUrl = Request.QueryString["ReturnURL"].ToString();
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtCompanyEmail.Text.Trim(), false));
}
//ReturnURL doesn''t exists.
else
{
    FormsAuthentication.SetAuthCookie(txtCompanyEmail.Text, false);
    Response.Redirect("~/");
}

推荐答案

首先，您应该重新检查authcookie的设置.看起来不对(设置
仅当未设置returnurl时才..看起来..意想不到且应在发生之前-验证登录凭据后立即发生)

然后，您不需要自己检查returnurl. formsauthentication正在处理
你的.在您的web.config中，在表单身份验证部分中设置适当的defaulturl和loginurl.例如

Hi,

first of all, you should recheck the setting of your authcookie. That looks wrong (setting
it only if returnurl is not set ..that looks..not intended and should''ve happened before - right after verifying the login credentials)

Then, you dont need to check returnurl yourself. formsauthentication is handling that for
your. In your web.config, set the appropiate defaulturl and loginurl in the forms authentication section. E.g.

<pre>
<authentication mode="Forms">
<forms name="yourAppName" defaultUrl="yourInternalUrlWhichIsProtected" loginUrl="login.aspx" protection="All" timeout=".." slidingExpiration="true" path="/"/>
</authentication>
</pre>

这篇关于如果ReturnURL为null，则ASP.Net身份验证UserData为空的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！