RedirectFromLoginPage and loops

From: Rob O'Cop (RobOCop_at_discussions.microsoft.com)
Date: 10/25/04 

Date: Mon, 25 Oct 2004 04:51:01 -0700

Hi,

I've got an Intranet site that's been using the usual Forms authentication.
Now, I want to retrieve the Windows Login and authenticate the user
automatically without her typing login+password.
Thus I changed the security parameters in IIS (anonymous user unchecked,
Windows authentication checked). But I let the Forms in web.config unchanged
because I wanna keep the ReturnUrl system because I have some Session
parameters that are set at the beginning, no matter which page you use to get
in.

So, instead of checking the login;password couple is right, I just check
whether the Login Windows is valid, and then I run a RedirectFromLoginPage.
The trouble is that the page loops constantly. The RedirectFromLoginPage is
not taken into consideration whereas a debug shows it's ran. So, what's wrong?

Scheme:

My index.aspx:
 Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
      If Session("UserLoginIntegrated") Is Nothing Then
            IntegratedConnection()
        End If
    End Sub

Private Sub IntegratedConnection()
        Dim booUserExists As Boolean
        Dim dtNew As DataTable
        Dim booGo As Boolean = False
        Dim returnUrl As String
        Try

'Code to check whether current user is valid
' If not then display login page
' Else
    
                Session("UserLoginIntegrated") = False
                FormsAuthentication.RedirectFromLoginPage(Session.SessionID,
False)

            End If
        Catch ex As Exception
            ErrorLogin.Text = (ex.Message)
            ErrorLogin.Visible = True
            Session("UserLoginIntegree") = False
            Session.Clear()
            Session.Abandon()
            System.Web.Security.FormsAuthentication.SignOut()
        End Try

    End Sub

With such a code portion, the page loops moebiusly and never goes to the
requested page.

Thanks in advance,

Rob

Relevant Pages

  • RedirectFromLoginPage and loop
    ... I've got an Intranet site that's been using the usual Forms authentication. ... Windows authentication checked). ... whether the Login Windows is valid, and then I run a RedirectFromLoginPage. ... With such a code portion, the page loops moebiusly and never goes to the ...
    (microsoft.public.dotnet.general)
  • RE: How to get the login from IIS in C#
    ... you want to use Windows authentication instead ... client need to login to domain to avoid message box from ... | windows under IIS... ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Websites require a login
    ... It's *my* understanding (and I'm not a security expert) that when using ... integrated windows authentication you are using NTLM authentication or ... Windows 2000 and 2003 via Active Directory. ... That's why the server is requiring a login. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Changing passwords / Blocking SA login attempts
    ... I went into the Server Config properties and changed to Windows ... My login for Start and Run SQL server was in this format. ... I am supposing this was an SQL authentication, ...
    (microsoft.public.sqlserver.security)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... > is turning on/off Kerberos is occuring. ... It control how IE deals with "Authentication: ... when you put IIS6 in a domain and have "Integrated Windows Authentication" ...
    (microsoft.public.windows.server.security)