ASP.Net web flow

Question

I am developing a large asp.net based application. Certain pages & links require user authentication. At some page, I have links and form submission for which I first need to authenticate the user. Here is an example:

In PageX I have a link L1. When user click, i check if user is authenticated or not. If not I redirect to login page. Once, the user is authenticated, I redirect back him to the PageX. But the problem is, I don't want the user to click L1 again! Instead, I want the L1 action to be executed once user is authenticated and its results displayed etc.

I am trying to have a good solution to this problem. Any idea on how to accomplish this?

Answer 1

there are several way of doing it:

1, The build-in way of Form Authentication, correct me if i remembered wrong, you should be able to add your own login logic and integrate your login control with Form Authentication provider

2, assign L1 url link to query string or a session if user is not login, and add logic to your login control, redirect user when login is successful.

Answer 2

Use Forms Authentication.

It's baked into ASP.NET and does exactly what you're talking about.

The User will click on a link. If they're not authenticated, they will be redirected to a login page (one of the parameters to the page will be the destination URL they were trying to reach). After a successful login, the User will be redirected to the page they requested instead of having to click the link again.

You also need to make sure you have your web.config set up to properly allow/deny unauthorized access to your application as described here:

Setting authorization rules for a particular page or folder in Web.config

Answer 3

ASP.NET's Forms Authentication addresses this scenario. You can deny all unauthenticated users to all pages or (more commonly) deny unauthenticated users to a proper subset of pages.