RE: Checking IsAuthenticated for new ASP.NET session

From: Chris Rolon (ChrisRolon_at_discussions.microsoft.com)
Date: 01/23/05 

Date: Sun, 23 Jan 2005 08:01:02 -0800

In order to force authentication to occure you will have to disable the
anonymous user. The framework will verify that the user has been
authenticated and if not will redirect the user to the defined login page.

Here is a good sample:
http://samples.gotdotnet.com/quickstart/aspplus/default.aspx?url=/quickstart/aspplus/doc/formsauth.aspx

Chris Rolon

"Richard" wrote:

> How can I check to see if a user has previously been authenticated with
> FormsAuthentication on a page that is defined as viewable by everyone
> in web.config?
>
> For example, index.aspx and login.aspx allows everyone to see it via
> web.config entries:
> <authorization>
> <allow users="*" />
> </authorization>
>
> Then, when someone logs in I use forms authentication, and the user has
> the opportunity to keep the cookie/ticket persistent:
> FormsAuthentication.RedirectFromLoginPage(username, True)
>
> When the user closes out the session and returns to the website later,
> I would like to check if they had been previously authenticated using
> the index.aspx and login.aspx pages. Initially on those pages,
> Request.IsAuthenticated returns False, but if the user enters a
> restricted page, they are allowed to enter and Request.IsAuthenticated
> returns True from then on.
>
> Is this possible? Do I need to get into the cookie? If so, how?
> Thanks in advanced.
>
>

Relevant Pages

  • Re: authenticating username/password against Active Directory
    ... from Microsoft is to use SSPI to verify the credentials. ... SSPI under the hood and gives you a real logon token back that you can then ... The other way to do this is with LDAP using an LDAP bind to AD. ... are doing pure authentication, I'd suggest using S.DS.Protocols, as it has ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Sparc Solaris NIS client Linux NIS server
    ... >> I'll check over the nsswitch.conf and verify that its right. ... >> insecurities with NIS. ... If "shadow" passwords are enabled properly, ... once I get the authentication working I will ...
    (comp.os.linux.setup)
  • Re: Windows Update v5 issues and workaround
    ... > it works for my secureNAT clients but not Web proxy clients. ... the Internet while forcing Authentication for everything else,..it would be ... done the same for any similar situation, not just Windows Update. ... You have to verify that you created all the Rules exactly as the article ...
    (microsoft.public.isa)
  • Re: Windows Update v5 issues and workaround
    ... > it works for my secureNAT clients but not Web proxy clients. ... the Internet while forcing Authentication for everything else,..it would be ... done the same for any similar situation, not just Windows Update. ... You have to verify that you created all the Rules exactly as the article ...
    (microsoft.public.isa.configuration)
  • Re: Windows Update v5 issues and workaround
    ... > it works for my secureNAT clients but not Web proxy clients. ... the Internet while forcing Authentication for everything else,..it would be ... done the same for any similar situation, not just Windows Update. ... You have to verify that you created all the Rules exactly as the article ...
    (microsoft.public.isa.clients)