5

Previously, I had added login.aspx to the Default Document section in IIS.

However, when someone was accessing the application, it was required to login twice. The first one wouldn't say any error message or no redirection to the next page in the application. And the second one would actually redirect the user to the expected page. And the user was using the right credentials both times.

As soon as I deleted login.aspx from the Default Document section in the IIS, and the user provided the full link to the application (~/login.aspx), the problem was gone as it was only required to login once.

Does anyone know why this is happening?

aleafonso
  • 2,244
  • 8
  • 38
  • 58

3 Answers3

1

In order to solve this problem, in the Page_Load event of the Default Document, it must be checked the following:

if (this.User.Identity.IsAuthenticated)
{
    Response.Redirect("somepage.aspx");
}

Source: asp.net Form Authentication change .net 2 to .net4

Community
  • 1
  • 1
aleafonso
  • 2,244
  • 8
  • 38
  • 58
0

Do you have have index page set as default and present?

From your scarce information I can find one (of possible many) explanation:

first you get to yoursite.com (without specifying the login.aspx) it redirects to login.aspx behind the scenes but url stays the same. When you submit from login.aspx it probably goes to some other (existing) page, which redirects the user to login.aspx (rewriting the url this time).

IF you want better explanation you will need to provide more details

Germann Arlington
  • 3,315
  • 2
  • 17
  • 19
  • Thanks for your reply. Unfortunately, there is no other page to which it is redirecting 'behind the scenes'. I would be happy to offer more details that you may find relevant to my question. Please, let me know – aleafonso Jul 26 '12 at 09:30
  • Your login.aspx has a form in it, this form posts to some page, the page that processes the form input (validates userName and password) [formProcessor.aspx] redirects to normal processing page(s) [validUser.aspx] if the userName and password are valid or back to login.aspx if they are invalid. Here I describe normal standard behaviour giving example page names for reference in square brackets because you give me no details yourself. When the login form submits to [formProcessor.aspx] this processing page may check referrer to see that the request comes from login.aspx. – Germann Arlington Jul 26 '12 at 10:06
  • To make your life simpler add client side redirect instead. – Germann Arlington Jul 26 '12 at 10:07
  • This situation is not related to the user's credentials as it was stated in the question. The page gets redirected in the second login attempt, instead of the first one. Thanks for your help anyway – aleafonso Jul 26 '12 at 10:38
  • I am NOT saying that it has anything to do with user credentials. Please re-read my comments. I am saying that it has EVERYTHING to do with the way they are processed by your pages. Because they are processed by YOUR pages and you DON'T provide enough details I am seizing any further attempts to help you. – Germann Arlington Jul 26 '12 at 11:13
0

In Global.asax add these lines

void Application_BeginRequest(object sender, EventArgs e)
{
    if (Request.QueryString.ToString().EndsWith("ReturnUrl=%2f"))
              System.Web.HttpContext.Current.Response.Redirect("~/login.aspx");

    if (Request.AppRelativeCurrentExecutionFilePath == "~/")
        HttpContext.Current.RewritePath("login.aspx");//This is the default page to navigate after a successful login.

}
Kemboi
  • 1
  • 1
  • 2