How to elegantly handle ReturnUrl when using UrlRewrite in ASP.NET 2.0 WebForms
Posted
by Brian Kim
on Stack Overflow
See other posts from Stack Overflow
or by Brian Kim
Published on 2009-12-01T18:49:45Z
Indexed on
2010/05/15
23:10 UTC
Read the original article
Hit count: 387
I have a folder with multiple .aspx pages that I want to restrict access to. I have added web.config to that folder with <deny users="?"/>
.
The problem is that ReturnUrl is auto-generated with physical path to the .aspx file while I'm using UrlRewrite.
Is there a way to manipulate ReturnUrl without doing manual authentication check and redirection? Is there a way to set ReturnUrl from code-behind or from web.config?
EDIT: The application is using ASP.NET 2.0 WebForms. I cannot use 3.5 routing.
EDIT 2: It seems like 401 status code is never captured. It returns 302 for protected page and redirects to login page with ReturnUrl. It does not return 401 for protected page. Hmm... Interesting... Ref: http://msdn.microsoft.com/en-us/library/aa480476.aspx
This makes things harder... I might have to write reverse rewrite mapping rules to regex match ReturnUrl and replace it if it doesn't return 401... If it does return 401 I can either set RawUrl to Response.RedirectLocation or replace ReturnUrl with RawUrl.
Anyone else have any other ideas?
© Stack Overflow or respective owner