locked
Force user to login fro accessing a link in vb.net RRS feed

  • Question

  • User-1578974752 posted

    I am using vb.net 2017.

    Once user submit then an email will be sent with a link which when clicked will show the studentdetail.aspx with all the values. This is working fine

    But issue is

    I can access any page in my website with out login details. hence user can click the link in email to a see the page..no need to login..

    When user click the link, I want to show the login page first-> only after they enter the login details -automatically the link must open.How to make it possible

    My mail code and login code is as below.

    e_mail.To.Add(mailis.Text)

    e_mail.CC.Add(Mailto.Text)

     

    e_mail.IsBodyHtml = False

    e_mail.Body = "New detail: " + Title.Text + " System : " + Systems.SelectedValue + " has been raised by student :" + student.Text + " Please double-click on the following doclink (Document link:  report) . Notes: http://10.150.12.11/ISSstudent/Problemdetails?studentID=46 "

     Smtp_Server.Send(e_mail)

    Login.aspx code

    Try

      con.Open()

    cmd = New SqlCommand

    cmd.Connection = con

    cmd.CommandText = "select Email from ISLogin where UserID= '" + txtUsername.Text.ToString + "' And Password ='" + txtPassword.Text.ToString + "'"

    drd = cmd.ExecuteReader

    If drd.HasRows = True Then

    drd.Read()

    Session.Add("x", txtUsername.Text)

    Response.Redirect("abc.aspx")

    End If

    Thursday, June 28, 2018 7:36 AM

Answers

  • User283571144 posted

    Hi shsu,

    As far as I know, if you enable the form authentication for your application, it will auto generate the returnurl when redirect to the login page

    Like below:

    http://localhost:52188/login.aspx?ReturnUrl=%2fISrequse%2fIw%2fITrequest%3frequsetID%3d15&requsetID=15

    Then you could use Request.QueryString["ReturnUrl"] to get the return url.

    /ISrequse/Iw/ITrequest?requsetID=15

    Then you could write your own logic(if condition) to redirect to the right page.

    Best Regards,

    Brando

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, July 3, 2018 6:55 AM

All replies

  • User-1171043462 posted

    You need to use Forms Authentication and enforce Login using Cookies.

    the system will check if User is logged in then only he will see the Page.

    Simple User Login Form example in ASP.Net

    Thursday, June 28, 2018 8:05 AM
  • User-1578974752 posted

    WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for 'jquery'. Please add a ScriptResourceMapping named jquery(case-sensitive 

    Tried as above link with a new project. but above error message is coming .

    Friday, June 29, 2018 3:39 AM
  • User-698989805 posted

    Hello shsu! You can use Session or Cookie to do this in the page load. Something as follows:

    protected void Page_Load(object sender, EventArgs e)
    {
        Page.Title = "Dashboard";
    
        int m = Convert.ToInt32(Session["UserID"]); //Getting the session id when user logged in, if not redirect as follows
    
        if (m == 0)
        {
           Response.Redirect("Default.aspx");
        }
    }

    Link means you are redirecting a user to a specific page. So just put the above code in the page load event of that page and done.

    Friday, June 29, 2018 5:55 AM
  • User283571144 posted

    Hi shsu,

    As far as I know, after asp.net 4.5, the Validators use data-attributes and bounded Javascript to do the validation work, so .NET expects you to add a script reference for jQuery.

    There are two ways to solve this error:

    1.Disable UnobtrusiveValidationMode

    ValidationSettings:UnobtrusiveValidationMode Specifies how ASP.NET globally enables the built-in validator controls to use unobtrusive JavaScript for client-side validation logic.

    If this key value is set to "None" [default], the ASP.NET application will use the pre-4.5 behavior (JavaScript inline in the pages) for client-side validation logic.

    If this key value is set to "WebForms", ASP.NET uses HTML5 data-attributes and late bound JavaScript from an added script reference for client-side validation logic.

    Add below web.config:

    <configuration>
        <appSettings>
            <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
        </appSettings>
    </configuration>

    2.register the script

    In Global.asax Application_Start add mapping to your jQuery file path:

        Protected Sub Application_Start()
    
            ScriptManager.ScriptResourceMapping.AddDefinition("jquery", New ScriptResourceDefinition With {
    .Path = "~/scripts/jquery-1.7.2.min.js",
    .DebugPath = "~/scripts/jquery-1.7.2.min.js",
    .CdnPath = "http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.4.1.min.js",
    .CdnDebugPath = "http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.4.1.js"
    })
        End Sub

    Besides, I suggest you could consider implement form authentication in your web application.

    If you add the form authentication in the your web application. the IIS will auto redirect to the login page if user doesn't login in.

    More details, you could refer to below article.

    https://support.microsoft.com/en-sg/help/301240/how-to-implement-forms-based-authentication-in-your-asp-net-applicatio 

    Best Regards,

    Brando

    Friday, June 29, 2018 5:57 AM
  • User-1578974752 posted

     After using the update panel,users can not directly open the page with out entering the login details.


    http://10.10.10.10/ISrequse/Iw/ITrequest?requsetID=15  

    If the user is not logged in ,then it is redirecting to loginpage but once login ,it is opening about.aspx.  But once clicked the above link ,and user is not logged in, then must first redirect to login page (that part is working) and once user enteres the login details must automatically open the above link which will retrieve the details of request form 15. For each mail the link is different. Hence how can I change the below query in such a way.

    The request.aspx must open with request ID  and all its values.

    Can inform how to modify the response.redirect to capture the requsetID=15  and open ITrequest page? if the link is having detail.aspx with detailID 10, then open that page

    if (m == 0)

    {

    Response.Redirect("Default.aspx");

    }

    Thanks for all answers

    Monday, July 2, 2018 8:34 AM
  • User283571144 posted

    Hi shsu,

    As far as I know, if you enable the form authentication for your application, it will auto generate the returnurl when redirect to the login page

    Like below:

    http://localhost:52188/login.aspx?ReturnUrl=%2fISrequse%2fIw%2fITrequest%3frequsetID%3d15&requsetID=15

    Then you could use Request.QueryString["ReturnUrl"] to get the return url.

    /ISrequse/Iw/ITrequest?requsetID=15

    Then you could write your own logic(if condition) to redirect to the right page.

    Best Regards,

    Brando

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, July 3, 2018 6:55 AM
  • User-1578974752 posted

    Here I am not using Form Authentication.

    Inside the detail.aspx,I have below code.TxtUsername.text is having session value.so if the value gone then it will redirect to login page.

    If txtUsername.Text = "" Then

    Response.Redirect("login.aspx")

    In my email..link is having the problemID.But as you mentioned http://localhost:52188/login.aspx?ReturnUrl=%2fISrequse%2fIw%2fITrequest%3frequsetID%3d15&requsetID=15 is just glancing when the login page is shown.hence Request.QueryString("ReturnUrl") is not working.

    Edit

    Now it is working with session.I captured the problem ID from the pageload of detailpage.

    Tuesday, July 17, 2018 2:23 AM