ASP.NET - How do I prevent URL entry and redirect the user to login page?

Asked By lakshmi chaitanya on 23-Jan-12 10:58 PM
How do I prevent URL entry and redirect the user to login page?
   
smr replied to lakshmi chaitanya on 23-Jan-12 11:26 PM
hi

Apart from configuring authentication in the web.config file, you can also use the Global.asax Session_Start(...) method to check for users new session, also be sure you revise the session cookie, if it is null you should redirect the user to the login page:

public class Global:System.Web.HttpApplication
{
  protected void Session_Start(object sender, EventArgs e)
  {
    if(Session.IsNewSession)
    {
      if (Request.Headers["Cookie"] != null)
      {
        if (Request.Headers["Cookie"].IndexOf("Web_App_Login_Cookie", StringComparison.OrdinalIgnoreCase) >= 0)
        {
          FormsAuthentication.SignOut();
          Context.User = null;
          Response.Redirect("~/logOn.aspx");
        }
      }
    }
  }
}

follow
 http://stackoverflow.com/questions/4026125/how-do-i-prevent-url-entry-and-redirect-the-user-to-login-page
bharti odedra replied to lakshmi chaitanya on 23-Jan-12 11:31 PM

using System;

using System.Data;

using System.Configuration;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

using System.Collections;


public sealed class WhoseHandler

{

  public static Hashtable objUser = new Hashtable();

  

  public static int WhoseInn(int userId, string strUser)

  {

    int retVal = 0;

    if (!(objUser.Contains(userId)))

    {

      objUser.Add(userId, strUser);

      return retVal;

    }

    else

    {

      retVal = 1;

    }

    return retVal;

  }

  

  public static void WhoseOnline()

  {

    IDictionaryEnumerator whosOln = objUser.GetEnumerator();

    while (whosOln.MoveNext())

    {

      HttpContext.Current.Response.Write(whosOln.Value + "<br>");

    }

  }

  

  public static void RemoveUser(int userId)

  {

    if (objUser.Contains(userId))

    {

      objUser.Remove(userId);

    }

  }

}

Riley K replied to lakshmi chaitanya on 24-Jan-12 12:02 AM

You have to set the authentication mode in your web.config


  <authentication mode="Forms">
        <forms name="Authen" protection="All" timeout="60" loginUrl="login.aspx"/>
    </authentication>
<authorization>
    <deny users="?"/>
</authorization>
dipa ahuja replied to lakshmi chaitanya on 24-Jan-12 03:11 AM
Whenever user login save the username in the session variable and if the session variable is null then redirect user to the login page

 
protected void Page_Load(object sender, EventArgs e)
{
  if (Session["user"] == null)
  {
    Response.Redirect("login.aspx");
  }
 
}