ASP.Net FormAuthentication response.redirect to IIS Virtual Directory

Zeljko Zaric 1 Reputation point
2022-12-08T16:25:28.383+00:00

Have a LoginForm and default asp.net with to buttons on default asp.net. My Target is to after sucssefully Login redirect to default.aspx and by button click connect to IIS Virtual directory. Login is working fine but the Problem is that i get after button click LoginForm again to authenticate.What should i do to be able to be redirected to virtual directory without authenticate again.

MY LoginForm CodeBehind 

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)  
           
  
           string UserName = Login1.UserName;  
           string Password = Login1.Password;  
           bool RememberMe = Login1.RememberMeSet;  
  
           string adPath = ConfigurationManager.ConnectionStrings["AD"].ConnectionString;  
           string DomainFQDN = ConfigurationManager.AppSettings["DomainFQDN"];  
           string PermitedLoginGroup = ConfigurationManager.AppSettings["PermitiedLoginGroup"];  
           string DomainNetBiosName = ConfigurationManager.AppSettings["DomainNetBiosName"];  
  
  
           try  
           {  
               LdapAuthentication adAuth = new LdapAuthentication(adPath);  
               if (true == adAuth.Authenticate(UserName, Password, DomainNetBiosName))  
               {  
                   Session["UserName"] = UserName;  
                   FormsAuthenticationTicket tkt;  
                   string cookiestr;  
                   HttpCookie ck;  
                   tkt = new FormsAuthenticationTicket(1, UserName, DateTime.Now,  
                   DateTime.Now.AddMinutes(30), Login1.RememberMeSet, "your custom data");  
                   cookiestr = FormsAuthentication.Encrypt(tkt);  
                   ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);  
                   string ckName = ck.Name;  
                   if (Login1.RememberMeSet)  
                       ck.Expires = tkt.Expiration;  
                   ck.Path = FormsAuthentication.FormsCookiePath;  
                   Response.Cookies.Add(ck);  
  
                   string strRedirect;  
                   strRedirect = Request["ReturnUrl"];  
                   if (strRedirect == null)  
                       strRedirect = "Default2.aspx";  
                   FormsAuthentication.RedirectFromLoginPage(UserName, RememberMe);  
                   Response.Redirect(strRedirect, true);  
                    
  
  
  
                     
  
  
               }  
  
  
           }  
           catch (Exception ex)  
           {  
  
  
  
           }  
  
  
       }

Default2.aspx 

<%@ Page Title="" Language="C#" MasterPageFile="~/Site.Master" AutoEventWireup="true" CodeBehind="Default2.aspx.cs" Inherits="LoginForm.Default2" %>  
<asp:Content ID="Content1" ContentPlaceHolderID="MainContent" runat="server">  
    <asp:Button ID="ButtonProd" runat="server" OnClick="ButtonProd_Click" Text="Prod" />  
    <asp:Button ID="ButtonTest" runat="server" OnClick="ButtonTest_Click" Text="Test" />  
</asp:Content>

I am trying to do somthing like this in button click method but i am redirecting again to LoginForm and if i give my credentials again i am able to access Virtual Directory on IIS 

protected void ButtonTest_Click(object sender, EventArgs e)  
        {  
            HttpCookie ck = (Request.Cookies[".ASPXAUTH"]);  
            Response.Cookies.Add(ck);  
              
              
           Response.Redirect("Response.Redirect("http://webserver.ad.com/VirtualDirectory",false);  
        }

Could someone give me some tips...Thanks in advance....

Internet Information Services
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,249 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yurong Dai-MSFT 2,776 Reputation points Microsoft Vendor
    2022-12-09T10:02:50.207+00:00

    Hi @Zeljko Zaric ,

    According to your description, when you are redirected to the default.aspx after passing the form authentication, and then click the button on the default.aspx to connect to the IIS virtual directory, you need to click the login form again for authentication. I can't reproduce your problem because the code you provided is incomplete. But I think the reason why the request is redirected to the logon.aspx page again may be that the form authentication cookie is missing, because the user is identified based on the authentication cookie, at some point, the client sends a request to the server, and the FormsAuthenticationModule class does not receive it cookie, you can determine if a request does not contain a cookie by enabling cookie logging in IIS. Also, forms-based authentication requires your clients to accept or enable cookies on their browsers.

    For implementing forms-based authentication in an ASP.NET application, you can refer to this document: https://learn.microsoft.com/en-us/troubleshoot/developer/webapps/aspnet/development/forms-based-authentication

    For forms authentication troubleshooting, you can refer to this document: https://learn.microsoft.com/en-us/iis/troubleshoot/security-issues/troubleshooting-forms-authentication

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the email notification for this thread.

    Best regards,
    Yurong Dai

    0 comments