Username + [space] causes login.aspx redirect but Identity.IsAuthenticated is TRUE
Question
I have a navigation control, shown only to authenticated users on the masterpage. This is shown by testing
System.Web.HttpContext.Current.User.Identity.IsAuthenticated == true
I am using Forms Authentication with a Active Directory Membership and a login control.
If I log in using my username with a space on the end... 'username ' the page is 302'd to the returnurl, then sent straight back to login.aspx... but strangely when loading the login.aspx page the second time, IsAuthenticated remains true.
This means that our login page incorrectly shows the navigation...
So now I am redirected to the login screen even though IsAuthenticated is true, could anyone explain why this could be?
Obviously the space in the user name is wrong, but I want to ensure a user does not experience this.
This code works fine in every other scenario.
2 answers
solution1
2 2014-04-28 11:41:59
You were right chrfin... I found a method on the Login control called OnLoggingIn... I simply set the username to itself with a trim and it worked great.. Thanks
protected void Login1_OnLoggingIn(object sender, System.Web.UI.WebControls.LoginCancelEventArgs e)
{
Login1.UserName = Login1.UserName.Trim();
}
solution2
0 ACCPTED 2014-04-28 10:28:32
This is not a solution to the problem you are asking about, but may still solve it for you and should be done anyhow IMO:
Why don't you apply a Trim to the username before processing it?
username = username.Trim();
This should remove any white space at the beginning and end and so the problematic situation should never happen.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.