Login.aspx Looping and GetRolesForUser does not have any value

I am having trouble with my Web Forms app. Specifically, my app keeps going back to the Login page whenever the function GetRolesForUser returns null. Here is the workflow of my app. A user first logs in using the Login page and is then redirected to default.aspx if he is a valid user (ValidateUser). However, for some validated users (Membership.ValidateUser), GetRolesForUser does not return a role (it is null) when they are redirected to default.aspx. Therefore these users cannot be redirected to a different page (Staff/Default.aspx) even if I set role = "Officer" as a default. It still redirects them back to Login.aspx.

I don't know what is causing this problem. I checked applicationName and it is correct.

Does anyone know what happens and what is causing this problem? Can you suggest a way to fix this?

web.config

<location path="Default.aspx">
    <system.web>
        <authorization>
            <allow roles="Master,CanEdit"/>
            <allow roles="Admin,CanEdit"/>
            <allow roles="Staff,CanEdit"/>
            <allow roles="Officer"/>
            <allow roles="Agent"/>
            <allow roles="Front Desk"/>
            <allow roles="Manager"/>
            <deny users="?"/>
            <!--<allow users="*"/>-->
        </authorization>
    </system.web>
</location>

<authentication mode="Forms">
    <forms name="Login" loginUrl="~/Login.aspx" path="/" defaultUrl="~/Default.aspx" protection="All" timeout="60"/>
</authentication>
<membership defaultProvider="ApplMembershipProvider">
    <providers>
        <add name="ApplMembershipProvider" 
            connectionStringName="ApplConnection" 
            applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true"
            requiresQuestionAndAnswer="false" requiresUniqueEmail="true"
            passwordFormat="Hashed"
            minRequiredPasswordLength="3" minRequiredNonalphanumericCharacters="0" 
            maxInvalidPasswordAttempts="30" type="System.Web.Security.SqlMembershipProvider"/>
    </providers>
</membership>

Login.aspx

protected void Page_Load(object sender, EventArgs e)
{
    TextBox username = (TextBox)loginControl.FindControl("UserName");
    TextBox password = (TextBox)loginControl.FindControl("Password");
    if (IsPostBack)
    {
        if (!String.IsNullOrEmpty(username.Text) && !String.IsNullOrEmpty(password.Text))
        {
            // set focus on the username text box when the page loads
            username.Focus();

            EmployeeSchool EmplSchool;
            string test = ApplConfiguration.DbConnectionString;
            EmplSchool = ApplSchoolUsers.GetEmployeeSchool(username.Text);
            string connection = ApplSchoolUsers.GetConnectionString(EmplSchool.School);

            ApplConfigurationSchool.ConfigureConnectionString(connection);

            string test1 = ApplConfiguration.DbConnectionString;
            if (Membership.ValidateUser(username.Text, password.Text))
            {
                string returnUrl = (string)Request.QueryString["ReturnUrl"];
                if (returnUrl != null)
                {
                    Response.Redirect("~/Default.aspx", false);
                }
            }
        }
    }
}

Default.aspx

string userName = "";
string[] UserRoles = null;
System.Web.Security.RoleProvider roleProvider = System.Web.Security.Roles.Provider;
try
{
    string test = ApplConfiguration.DbConnectionString;
    userName = Membership.GetUser().UserName.ToString();
    //it does return a valid userName
    UserRoles = roleProvider.GetRolesForUser(userName);            
    //testing
    string currUserRole = (UserRoles.Length!=0) ? UserRoles[0] : "Officer";

    switch (currUserRole)
    {
        case "Master":
            Response.Redirect("~/Adm/DefaultMaster.aspx",false);
            break;
        case "Admin":
            Response.Redirect("~/Adm/Default.aspx",false);
            break;
        case "Front Desk":
            Response.Redirect("~/Lsi/Default.aspx",false);
            break;
        case "Staff":
        case "Officer":
            Response.Redirect("~/Staff/Default.aspx",false);
            break;
        case "Manager":
            Response.Redirect("~/Manager/Default.aspx",false);
            break;
        case "Agent":
            Response.Redirect("~/Agent/Default.aspx",false);
            break;                
    }
}

You are missing too many pieces -

  1. You need the <roleManager..></roleManager> tag in web.config if you want to use the Role Provider.

  2. Membership.ValidateUser is for validating the user; you still need to create the FormsAuthentication cookie by using FormsAuthentication.SetAuthCookie(username, true|false);

  3. You do not need to instantiate ... roleProvider = System.Web.Security.Roles.Provider; inside Default.aspx. You just need to call - string[] roles = Roles.GetRolesForUser(User.Identity.Name);
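
The three points of the answer above, put together as an added example (not code from the original question or answer). The provider name ApplRoleProvider, the SignIn helper, the DefaultPage class name and the 403 response for an account without roles are assumptions; the role names and redirect targets are the ones in the question.

```csharp
// web.config fragment this code assumes (provider name "ApplRoleProvider" is
// hypothetical; the other attributes mirror the membership provider above):
//   <roleManager enabled="true" defaultProvider="ApplRoleProvider">
//     <providers>
//       <add name="ApplRoleProvider" type="System.Web.Security.SqlRoleProvider"
//            connectionStringName="ApplConnection" applicationName="/"/>
//     </providers>
//   </roleManager>
using System;
using System.Web;
using System.Web.Security;
using System.Web.UI;

public partial class Login : Page
{
    // Hypothetical helper; call it from the postback branch of Page_Load.
    private void SignIn(string userName, string password)
    {
        if (!Membership.ValidateUser(userName, password))
            return; // bad credentials: no ticket is issued, stay on Login.aspx

        // ValidateUser only checks the password. The ticket cookie is what makes
        // the next request authenticated, so <deny users="?"/> stops redirecting.
        FormsAuthentication.SetAuthCookie(userName, false); // false: session cookie
        Response.Redirect("~/Default.aspx", false);
    }
}

public partial class DefaultPage : Page // hypothetical class name for Default.aspx
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string[] roles = Roles.GetRolesForUser(User.Identity.Name);
        if (roles.Length == 0)
            // A fallback string such as "Officer" does not put the user in that
            // role; <allow roles="..."/> is still checked against the provider.
            throw new HttpException(403, "No role assigned to this account.");

        switch (roles[0])
        {
            case "Master":     Response.Redirect("~/Adm/DefaultMaster.aspx", false); break;
            case "Admin":      Response.Redirect("~/Adm/Default.aspx", false); break;
            case "Front Desk": Response.Redirect("~/Lsi/Default.aspx", false); break;
            case "Staff":
            case "Officer":    Response.Redirect("~/Staff/Default.aspx", false); break;
            case "Manager":    Response.Redirect("~/Manager/Default.aspx", false); break;
            case "Agent":      Response.Redirect("~/Agent/Default.aspx", false); break;
        }
    }
}
```

Passing false to SetAuthCookie keeps the ticket in a session cookie, so it is not persisted on a shared machine after the browser closes.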
