How to change the return url when directing to the login page?

Asked

Viewed 1,148 times

1

How can I change the value of ReturnUrl passed to the login page when the user is on a specific page and the session expires?

For example, if the user is on the page www.meusite.com/seguranca.aspx and the session ends, rather than by default directing to www.meusite.com/login.aspx?ReturnUrl=seguranca.aspx I’d like it to be directed to another page, like www.meusite.com/login.aspx?ReturnUrl=default.aspx.

For the other pages, it would remain normal.

  • This application is Asp net, I say it is not MVC? If it is Asp net, just configure in the global.asax default methods. Session_onend: void Session_end(Object Sender, Eventargs E) { // Redirect to your page }

2 answers

1

The only way I see you doing that is by implementing your own authentication HTTP module.

You can see here the implementation of FormsAuthenticationModule that controls Forms authentication.

0

I think it depends a lot on what you intend, generally I, for example, usually check on specific activities and pages IF and WHICH user is logged in, if he is not logged in if for example he is trying to call a specific function, I redirect him to login, but if he is simply trying to access a page to which he does not have permission, I redirect to my Default.aspx in question.

I think in general you should redirect it to login, if it is trying to run something, or access something, but if it does not have permission for example, it goes to the default.aspx.

sorry if I didn’t get to the point where you wanted to get to, but that’s where I got to understand your problem.

  • The issue is not access to resources not allowed, but simply that upon termination of the session the user being on the page seguranca.aspx, instead of being automatically redirected to the address /login.aspx?ReturnUrl=seguranca.aspx he is redirected to login.aspx?ReturnUrl=default.aspx or any other I define.

  • I don’t know if it’ll help you, I’ll offer you a point of view. As a user, if I’m on a page long enough to make my session expire, I’d rather be redirected to the login than fall on the main page without understanding why I ended up there, you have to remember that you know his session is down, but the user often doesn’t even know it exists and much less knows how long he can stay on a page doing nothing. Fall on the main page because the session has expired, I don’t see how a good practice can easily confuse the user, but that’s just my point of view!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.