Remove From My Forums

where to put IsAuthenticated method?

Question
0

Sign in to vote
User1052662409 posted

Hi All,

I just started using form authentication in my application. Where I have a master page.

So please let me know where to put code to verify whether user has logged in or not.

protected void Page_Load(object sender, EventArgs e) { if (!this.Page.User.Identity.IsAuthenticated) { FormsAuthentication.RedirectToLoginPage(); } }

Do I need to put above code in every form or it is just enough to put it into master page?

Thanks
Wednesday, January 13, 2016 11:44 AM

Answers

0

Sign in to vote
User-1716253493 posted

You don't need to do anything

With Form Authentication, if you want to access a page that need authentication and you have not logged in, you will automaticaly redirected to login page with ReturnUrl querystring.

RedirectToLoginPage method in login.aspx will redirect you back to the page you want to access (ReturnUrl)

To determine you have loggedin or not, add loginview and loginstatus control in masterpage

<asp:LoginView ID="HeadLoginView" runat="server" EnableViewState="false"> <AnonymousTemplate> Please [ <a href="~/Account/Login.aspx" ID="HeadLoginStatus" runat="server">Log In</a> ]! </AnonymousTemplate> <LoggedInTemplate> Welcome, <span class="bold"><asp:LoginName ID="HeadLoginName" runat="server" /></span>! [ <asp:LoginStatus ID="HeadLoginStatus" runat="server" LogoutAction="Redirect" LogoutText="Log Out" LogoutPageUrl="~/"/> ] </LoggedInTemplate> </asp:LoginView>

use web.config to configure authorization to deny or allow someone
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, January 14, 2016 1:41 AM

All replies

User1401801381 posted

Hi,

Assuming you are using webforms, you can configure that in you web.Config

<configuration>
   <system.web>
      <authorization>
         <deny users="?"/>
      </authorization>
   </system.web>
</configuration>

see : https://msdn.microsoft.com/en-us/library/8d82143t(v=vs.85).aspx

If you are using MVC, you can add the AuthorizeAttribute in the AppStart/FilterConfig class

 public class FilterConfig
    {
        public static void RegisterGlobalFilters(GlobalFilterCollection filters)
        {

            filters.Add(new AuthorizeAttribute());

        }
    }
}

Wednesday, January 13, 2016 11:54 AM

0

Sign in to vote

User753101303 posted

Hi,

You shouldn't need this at all. It should be done for you when you try to access a page that requires to be authenticated. More likely you configured authentication without configuring any authrorization rule. See https://support.microsoft.com/en-us/kb/316871 and check the location/authorization tag depending on what you need.

Wednesday, January 13, 2016 11:58 AM
0

Sign in to vote
User-1716253493 posted

You don't need to do anything

With Form Authentication, if you want to access a page that need authentication and you have not logged in, you will automaticaly redirected to login page with ReturnUrl querystring.

RedirectToLoginPage method in login.aspx will redirect you back to the page you want to access (ReturnUrl)

To determine you have loggedin or not, add loginview and loginstatus control in masterpage

<asp:LoginView ID="HeadLoginView" runat="server" EnableViewState="false"> <AnonymousTemplate> Please [ <a href="~/Account/Login.aspx" ID="HeadLoginStatus" runat="server">Log In</a> ]! </AnonymousTemplate> <LoggedInTemplate> Welcome, <span class="bold"><asp:LoginName ID="HeadLoginName" runat="server" /></span>! [ <asp:LoginStatus ID="HeadLoginStatus" runat="server" LogoutAction="Redirect" LogoutText="Log Out" LogoutPageUrl="~/"/> ] </LoggedInTemplate> </asp:LoginView>

use web.config to configure authorization to deny or allow someone
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Thursday, January 14, 2016 1:41 AM

Answered by:

where to put IsAuthenticated method?

Question

Answers

All replies