Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Monday, June 22, 2015 4:06 AM
Hi
my App works fine but user is Unauthorized it default redirect to login url :
http://localhost:54239/Account/Login?ReturnUrl=%2F
or
http://localhost:54239/Account/Login?ReturnUrl=%2FPTDatas%2FSHPTData
ect ...... i need to change this to be as:
http://localhost:54239/Account/Login
or anything else i need, but don't know how to do that - so please how can i do that ?
Monday, June 22, 2015 10:14 AM ✅Answered
You create a custom authorize attribute and override HandleUnauthorizedRequest. In the handle, don't include return url. Google for examples.
Your other option is in your sign in logic redirect if query string is not empty.
Monday, June 22, 2015 6:21 AM
In ASP.NET MVC5, this is configured inside the App_Start\Startup.Auth.cs file
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
Set the LoginPath to a different value if you want to redirect to somewhere else.
Monday, June 22, 2015 7:16 AM
In ASP.NET MVC5, this is configured inside the App_Start\Startup.Auth.cs file
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
Set the LoginPath to a different value if you want to redirect to somewhere else.
i just need to remove any part after Login word:
?ReturnUrl=%2F
Monday, June 22, 2015 7:20 AM
That's the bit that lets MVC know where to go back to after you've authenticated (the %2f is an encoded slash, referring to the root of your application)
Why do you want to remove it?
Monday, June 22, 2015 7:27 AM
That's the bit that lets MVC know where to go back to after you've authenticated (the %2f is an encoded slash, referring to the root of your application)
Why do you want to remove it?
Client need that - and i don't know it's better t leave it as it's or try something else ....
Monday, June 22, 2015 7:47 AM
Client need that - and i don't know it's better t leave it as it's or try something else ....
I'd recommend leaving it. eg. If you try to browse directly to
You get redirected to the login page with this URL:
http://localhost:52806/Account/Login?ReturnUrl=%2Fmanage
Once you log in, then you get redirected back to the original URL - and now the ReturnUrl bit is no longer required.
The advantage of keeping the the return address in the query string is that the client can refresh the browser page and not get a warning about having to resend values (if you had sent it as a POST instead of a GET).
There's a few more thoughts on dealing with ReturnUrl in this StackOverflow post - http://stackoverflow.com/questions/9554115/redirect-to-return-url-after-login