I have a folder with several .aspx pages, which I want to restrict to access. I have the & lt; Deny users = "?" /> have added web.config.
The problem is that when I am using UrlRewrite, the ReturnUrl .aspx file is automatically generated with the physical path.
Is there a way to manipulate a return unit without manual authentication detection and redirection? Is there any way to return the URL - back-to-back or from the web? Configure?
Edit : ASP.NET 2.0 is using the webform. I can not use 3.5 routing.
Edit 2 : It appears that the 401 status code is never captured. It gives 302 for the protected page and redirects returns to the login page with ReturnUrl. It does not return 401 for the protected page. Hmm ... interesting ... ref:
This makes things harder ... I write reverse to regex match ReturnUrl to rewrite the mapping rule and replace it if it does not return 401 Maybe ... this 401 can either set the RawUrl to Response.RedirectLocation or if the replacement of the ReturnUrl with RawUrl is replaced.
Any other ideas?
Check it out Hopefully it will be helpful.
#region [import] using the system; Using System.Web; Using System.Web.Security; #endregion namespace Foo.Handlers {Public category AuthModule: IHttpModule {#region IHttpModule Members Public Zero Init (HttpApplication Application) {application.PostReleaseRequestState + = Representative (Object, EventArgs e) {if (application.Response.StatusCode == 401 ) Application.Response.Redirect (FormsAuthentication.LoginUrl + "? ReturnUrl =" + HttpUtility.UrlEncode (application.Request.RawUrl), true); }; } Public Zero Settlement () {} #endregion}} ; Module & gt; & Lt; Add name = "AuthModule" type = "Foo.Handlers.AuthModule, Foo" /> & Lt; / Module & gt;
No comments:
Post a Comment