How is unautenticated site navigation handled in ASP.NET?

Posted by Code Sherpa on Stack Overflow See other posts from Stack Overflow or by Code Sherpa
Published on 2010-04-11T17:47:17Z Indexed on 2010/04/11 17:53 UTC
Read the original article Hit count: 340

Filed under:
|

Hi.

I am wondering how to do the following...

I have a registration system. When the user successfully registers, he is then led down a series of data gathering pages (for his profile) and then, finally, ends on his profile's home page where he can start to use the site.

All this happens without ever logging into the system so, he is unauthenticated and unconfirmed.

My question is, how does this happen? How can I allow my user to be unauthenticated (and unconfirmed, but this I understand) and use all aspects of the Web site?

The way I have things set up right now, my code should be doing this:

case CreateProfileStatus.Success:
//FormsAuthentication.SetAuthCookie(userName, false);
Response.Redirect("NextPage.aspx", false);
break;

but, I am being redirected to the login page after registration which is not the result I want. This is what the relevant nodes in my web.config look like:

    <authentication mode="Forms">
      <forms name=".AuthCookie" loginUrl="default.aspx" protection="All"/>
    </authentication>
    <authorization>
      <deny users="?"/>
      <allow roles="Administrators" />
    </authorization>
    <anonymousIdentification enabled="true" 
                             cookieName=".ASPXANONYMOUS"
                             cookieTimeout="100000" cookiePath="/" 
                             cookieRequireSSL="false"
                             cookieSlidingExpiration="true" 
                             cookieProtection="Encryption"
                             cookieless="UseCookies" 
                             domain="" />

When the user logs out after the registration and initial interaction with the site he will be required to log in upon return. At this point he must be authenticated but does not need to be confirmed for a period of time. Eventually, he will be reminded.

So, how is this done? Thanks in advance.

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about authentication