no

Response.Redirect in Application_AcquireRequestState has resulted in too many redirects

Response.Redirect in Application_AcquireRequestState has resulted in too many redirects Using role-base security the most ideal place to ch...

Response.Redirect in Application_AcquireRequestState has resulted in too many redirects

Using role-base security the most ideal place to check if a user is still login is the Global.asax event: Application_AcquireRequestState.

And the most usual solution is:

if(Session["xxx"] != null) {
Respose.Redirect("xxx");
}


That will work on debug mode but not if deployed on web server. It produce different errors on different browsers, on chrome it has the most obvious error:

"The webpage at http://localhost/newctdnet/Error.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer."

The solution is to check first for new session:

if(Session.IsNewSession)
{
var pageName = HttpContext.Current.Request.Url.PathAndQuery.ToLower();
//special allowed page
var allowedPage = new[] { "/page1.aspx", "/page2.aspx" };
var listAllowedPage = new ArrayList(allowedPage);

if (!listAllowedPage.Contains(pageName))
{
if (!User.Identity.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
}
}
}

Related

.net 1890570343084852072

Post a Comment

item