FormsAuthentication without the '?ReturnUrl' variable

[Itai]

Does anyone know if there is a way to prevent FormsAuthentication from
adding the '?ReturnUrl' to the login page url ?

I am always redirecting the user to a specific page upon successful
logins.
I *don't* wan't to redirect the user to the original page he was
trying to access.

I am using FormsAuthentication.SetAuthCookie followed by a
Response.Redirect therefore, I do not need '?ReturnUrl'.

I just think that removing this variable from the login page url makes
it looks "cleaner" and does not lead to false expectations on behalf
of techi users

Thanks,

-Itai

[Raterus]

There is no way to remove it that I know of, one way around it is to set the login page in web.config to an intermediate page "blah.aspx", and on that page, you redirect to the login page, which will remove the ReturnURL, it is an extra step, but it should work.

"Itai" <itaitai2003@yahoo.com> wrote in message news:429f6e7d.0408162318.6d247adf@posting.google.c om...

> Does anyone know if there is a way to prevent FormsAuthentication from
> adding the '?ReturnUrl' to the login page url ?
>
> I am always redirecting the user to a specific page upon successful
> logins.
> I *don't* wan't to redirect the user to the original page he was
> trying to access.
>
> I am using FormsAuthentication.SetAuthCookie followed by a
> Response.Redirect therefore, I do not need '?ReturnUrl'.
>
> I just think that removing this variable from the login page url makes
> it looks "cleaner" and does not lead to false expectations on behalf
> of techi users
>
> Thanks,
>
> -Itai

[Itai]

Thanks! but I figured out the following solution:


/* Requires .NET Framework version 1.1 */
/* All code in Global.asax.cs */


// Create an event handler for the PreSendRequestHeaders event

protected void PreSend_RequestHeaders(Object sender, EventArgs e)
{
string s = Response.RedirectLocation;

// replace /login.aspx with your path
if(s != null && s.StartsWith("http://localhost/login.aspx?ReturnUrl="))
{
Response.RedirectLocation ="http://localhost/login.aspx";
}

}


//register the event handler

private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();

// Just add this line
this.PreSendRequestHeaders += new
System.EventHandler(this.PreSend_RequestHeaders);
}


Note that on my test machine while running in debug mode I noticed
that the event handler is called twice upon an attempt to access a
secure path.
The first time 'Response.RedirectLocation' contains the url with
‘?ReturnUrl=' and the second time it's null. I don't know why it works
that way.

[Itai]

Thanks! but I figured out the following solution:


/* Requires .NET Framework version 1.1 */
/* All code in Global.asax.cs */


// Create an event handler for the PreSendRequestHeaders event

protected void PreSend_RequestHeaders(Object sender, EventArgs e)
{
string s = Response.RedirectLocation;

// replace /login.aspx with your path
if(s != null && s.StartsWith("http://localhost/login.aspx?ReturnUrl="))
{
Response.RedirectLocation ="http://localhost/login.aspx";
}

}


//register the event handler

private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();

// Just add this line
this.PreSendRequestHeaders += new
System.EventHandler(this.PreSend_RequestHeaders);
}


Note that on my test machine while running in debug mode I noticed
that the event handler is called twice upon an attempt to access a
secure path.
The first time 'Response.RedirectLocation' contains the url with
‘?ReturnUrl=' and the second time it's null. I don't know why it works
that way.