| Author |
|
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/03/2006 at 3:29am | IP Logged
|
|
|
hi,
i'm trying to protect a page with querystrings... e.g. somepage.aspx?id=1
but when it redirects to the login page it only takes with it the 'somepage.aspx' bit. is there anyway to overcome this?
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/04/2006 at 10:32am | IP Logged
|
|
|
with the current version... I dont think it supports the querystrings.
I am checking now, and if I find that it does not I will do my best to come up with something and release a new version of the dll. Your the 1st to mention this I and I think it is just something I didn't think to try when creating the dll.
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/04/2006 at 1:03pm | IP Logged
|
|
|
ok
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/04/2006 at 2:07pm | IP Logged
|
|
|
I been working on this for an hour straight... and I think I have it worked out. It really felt more like 3 hours. ASP.NET if frigin evil and all the tools that say are so eay to use.. often need to be redone from sracth to really work the way you need them to in the real world..
This is a perfect example... you'd think ASP.NET Forms Based Authentication would handle the passing of original querystring information when protecting a page. Apparently is does not, so I had to come up with a clever way to make it work.
To make it even worse I just couldnt find anyone else talking about this issue when searching for help. I totally had to cobb something from scratch and make it work based on random bits of info I found that somewhat related to the problem.
Anyway.. your gonna be testing this before I release it as I am a bit nervous about all the code I rewrote. I have some more testing to do here and then I will PM you with a version of the DLL to mess around with. Hoepfully I didn't break other things making this work. That is usually what happens.
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/04/2006 at 2:19pm | IP Logged
|
|
|
ok
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/04/2006 at 2:27pm | IP Logged
|
|
|
Well, I guess there is no reason to PM this.. what do I care if someone else tests it out? That actually might be a good thing.
2006-12-04_142454_aspprotect.authentication_dll_v1.3_ASP.NET _2.0.zip
One change to things...
When you log someone out you have to change the code slightly in the Signout subroutine. Just added some stuff to grab the querystring info and pass it along really. Here is an example from "textprotect.aspx". The stuff in RED is what I added.
Sub Signout_Click(Src As Object, E As EventArgs)
FormsAuthentication.SignOut()
Session.Abandon()
Dim QueryItem As String
Dim RequestLine As String
RequestLine = ""
For Each QueryItem In Request.QueryString
If Request.QueryString(QueryItem) <> "" Then
RequestLine = RequestLine & "&" & QueryItem & "=" & Server.UrlEncode(Request.QueryString(QueryItem))
End If
Next
If RequestLine <> "" Then
RequestLine = Right(RequestLine, (Len(RequestLine) - 1))
End If
Response.Redirect("testprotect.aspx" & ("?") & RequestLine)
End Sub
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/04/2006 at 2:35pm | IP Logged
|
|
|
well done!
you've got it perfect, everything works perfect! All query strings are getting passed along, and everything that was there before still is!
It's Great!
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/04/2006 at 2:40pm | IP Logged
|
|
|
that's real good news but I guess time will tell if those changes cause any problems..
BTW: I added a line of code to the signout example above that I forgot the 1st time.. It is needed for signout then an immediate re-login to work..
RequestLine = Right(RequestLine, (Len(RequestLine) - 1))
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/04/2006 at 2:44pm | IP Logged
|
|
|
do i need to put that in any certain line of the signout example??
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/04/2006 at 2:46pm | IP Logged
|
|
|
The stuff in RED is what I added. The stuff around it in black is what was there before. I think where it goes is pretty straight forward. All I did was take the original "testprotect.aspx" and add the code in red.
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
flesso
Member
Joined: June/15/2006
Online Status: Offline
Info: 75
|
| Added: December/04/2006 at 2:54pm | IP Logged
|
|
|
ok... all is fine with it now... its absolutely perfect!
hi chris,
i found 1 little error with the new dll, you see the page MUST have a querystring, as if it doesnt, when you try to login it returns this error:
System.ArgumentException: Argument 'Length' must be greater or equal to zero
But if you have a querystring, it all logs in fine.
__________________
Best Regards,
Josh Hold
|
| Back to Top |
|
| |
cwilliams
Admin Group
CJWSoft Web Software Developer
Joined: April/06/2004
Online Status: Offline
Info: 1769
|
| Added: December/09/2006 at 7:52pm | IP Logged
|
|
|
Ohh that figures.. I knew there was no way those changes could have went so smoothly..
ok. download it again... I just corrected that and updated the download file.. it was an easy fix
Also notice sign out example code above was slightly modified as well or else the same error can happen when signing out
__________________
Best Regards,
Christopher Williams
www.CJWSoft.com
|
| Back to Top |
|
| |
Active Info
Memberlist
Search
Help
Register
Login
Info Locked)
Info: Original Querystring Info Not Preserved ?
