I have an MVC4 application with Membership logon (through FormsAuthentication).
This is defined in web.config as follows. My default url is home root (~/):
<roleManager enabled="true" />
<authentication mode="Forms">
<forms defaultUrl="~" loginUrl="~/Account" />
</authentication>
In my AccountController in the Login post method, following code is relevant. This code is executed when the user clicks on the login with valid credentials.
if (Membership.ValidateUser(creds.Username, creds.Password))
{
FormsAuthentication.RedirectFromLoginPage(creds.Username, false);
return null;
}
Now, if I'm navigating (anonymously) to: ~/Admin, I get redirected to ~/Account to log in, which is perfect. I can see that the url is formed as follows:
http://localhost:23759/Account?ReturnUrl=%2fAdmin
But, when I succesfully login, I get redirected to home (~/) instead of ~/Admin
Please help! Many thanks!
Edit: Found the actual issue: it was the post method that wasn't receiving the querystring
I found the solution! Thanks to FlopScientist, who got me thinking further.
It was indeed because I was doing a POST method , which did not take the QueryString from the GET into account.
First I had this in my View:
@using (Html.BeginForm("Index", "Account")
{
<div class="LoginBox">
//Etc...
</div>
}
I have updated it to following:
@using (Html.BeginForm("Index", "Account", new { ReturnUrl = Request.QueryString["ReturnUrl"] }, FormMethod.Post))
{
//Etc...
}
Now I can actually see a querystring in my debug and I do get a correct redirect!
There doesn't seems any issue with your Return URL: [ %2f is /
] localhost:23759/Account?ReturnUrl=%2fAdmin
So, what remains is to do some checks as to what is causing such behaviour.
1.) Are you sure that the return page as specified in the return url:
localhost...?ReturnUrl=%2fAdmin
actually exists and your user has access to it?Here Admin is a folder, so you must have a page default.aspx
inside this folder. If it does not exists, RedirectFromLoginPage
by default will send you to DefaultURL
.
2.) Also, Try using FormsAuthentication.GetRedirectUrl() method to see what happens.
if (Membership.ValidateUser(creds.Username, creds.Password))
{
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, false));
}
3.) OR does this works ? [ Recommended for debug purposes ]
if (!string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
{
Response.Redirect("~/Admin");
}
Lastly make sure there are NO such code lines redirecting user to other pages/DefaultURL.
It probably because that path is not detected as same app path:
By default, the ReturnUrl variable must refer to a page within the current application. If ReturnUrl refers to a page in a different application or on a different server, the RedirectFromLoginPage method redirects to the URL in the DefaultUrl property. If you want to allow redirects to a page outside the current application, you must set the EnableCrossAppRedirects property to true using the enableCrossAppRedirects attribute of the forms configuration element.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.