FormAuthenticate.RedirectFromLoginPage

• Previous message: Beginner: "Re: Forms based authentication and classic ASP pages"
• Next in thread: CW: "Problem resolved"
• Reply: CW: "Problem resolved"
• Reply: Ravichandran J.V.: "Re: FormAuthenticate.RedirectFromLoginPage"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 22 Mar 2004 16:18:13 +1100

I am complete new to ASP.Net and still trying to find my way around, and all
help is appreciated.

I am using FormAuthenication to secure a web application I am building.
Every pages (barring a few expecptions) are secured by using Authentication
and Authorization tag in web.config.

My problem is that I need to differentiate between administrator and normal
user. The approach I have taken is that when a user attempts to access a
page requiring administrative rights, I would first check whether user has
admin right or not (by calling stored proc on a back end database) in the
page load event of the page requiring administrative rights. If the user
does not have the requisite right, I would use response.redirect
(login.aspx) to direct the user back to the login back in the page load
event.

However, when the user attempts to log on, and my code calls
FormsAuthentication.RedirectFromLoginPage(loginId, false) method where
loginID is retrieved from back end database, I get the following error:

Exception Details: System.Web.HttpException: Server cannot modify cookies
after HTTP headers have been sent.

Source Error:

Line 59: 'End if
Line 60:
Line 61: FormsAuthentication.RedirectFromLoginPage(loginId,
false)
Line 62:
Line 63: Else

Any idea what is happening there? Note that RedirectFromLoginpage may have
already been called when the user first enters the site (as the entire site
is secured). However, the user might have logged on using a login without
administrative priviledge. Thus, when they attempt to access pages requiring
administrative rights, my code redirect them to the login page again (so
that hopefully they'd log in with an id associated with administrative
rights). My guess is that the problem is due to calling
RedirectFromLoginPage again when authentication cookie has already been set
within the same session.

Anyway, all help appreciated.

thanks in advance

CW

• Previous message: Beginner: "Re: Forms based authentication and classic ASP pages"
• Next in thread: CW: "Problem resolved"
• Reply: CW: "Problem resolved"
• Reply: Ravichandran J.V.: "Re: FormAuthenticate.RedirectFromLoginPage"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]