I want to remove \"returnurl=/blabla\" from address bar when a user want to access to a login required page. Because I\'m trying to redirect the user to a static page after
if you are using asp.net control loginstatus then click on login status control press f4( for properties) under behavior section we can see LogOutAction there select Return to Login page.
Note: In order to implement it successfully you must have a login page with name login.aspx
As RPM1984 pointed out, you don't have to redirect the user to the specified URL after signing in.
If it is imperative that you remove the ReturnUrl
querystring parameter there are a couple options. Probably the easiest is in your login web page / controller you'd check for the existence of a ReturnUrl
parameter in the Request.QueryStrings
collection. If it exists, you could do a redirect back to the login page, but without the ReturnUrl
.
Another option would be to create a custom implementation for the FormsAuthenticationModule
, which is the class that handles authenticating a user based on their form authentication ticket and is responsible for redirecting unauthorized users to the login page. Unfortunately, the FormsAuthenticationModule
class's methods are not virtual, so you can't create a derived class and override the methods needed, but the good news is that the class is pretty simple - just maybe 100-200 lines of code in total, and using Reflector you could quickly create your own custom FormsAuthenticationModule
class. If you go this route (which I wouldn't recommend), all that you'd need to do would be to take out the code in the OnLeave
method that tacks on the ReturnUrl
parameter. (In addition to modifying this class you'd also need to configure your Web.config file so that your application uses your custom FormsAuthenticationModule
class rather than the one in the .NET Framework.)
Happy Programming!
If you want to remove returnURL from request and redirect to specific path, you can follow this steps.
Firstly get the current context, verify if the user is authenticated and finally redirect the current path.
HttpContext context = HttpContext.Current;
//verify if the user is not authenticated
if (!context.User.Identity.IsAuthenticated)
{
//verify if the URL contains ReturnUrl
if (context.Request.Url.ToString().Contains("ReturnUrl"))
{
//redirect the current path
HttpContext.Current.Response.Redirect("~/login.aspx");
}
}
I put this code into Page_Load method from my class Login.aspx.cs
void Application_BeginRequest(object s, EventArgs e)
{
// ................
// strip return Return Url
if (!string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]) && Request.Path.IndexOf("login.aspx")!=-1)
System.Web.HttpContext.Current.Response.Redirect("~/login.aspx");