Login redirect

Vote:
 
I want to use two different login procedures depending on the page that is being requested. For example: If the user is not logged in and accesses /admin or /edit I want the usual Episerver login to appear. If the user tries to open any other page I want an own login page to appear. What I did: I created a LoginWrapper.aspx that reads the parameters and redirects to either /util/login.aspx or /myownlogin.aspx depending on the ReturnUrl parameter. Of course sending the ReturnUrl. The problem: I'm getting a HTTP 400 Bad Request error when accessing /util/login.aspx through this redirect. I guess that LoginBase doesn't allow redirects. My solution: I change /templates/login.aspx to not inherit from LoginBase and use EPiServer.Util.LoginBase.HandleFormsLogin(Username.Text, Password.Text, this.PersistCookie.Checked) instead of HandleLogin() My question: Is this a bad idea in terms of security? /René
#12358
Sep 09, 2005 11:10
Vote:
 
It wasn't the LoginBase not allowing redirects it was just the url being misspelled without the "?". /René
#14120
Sep 09, 2005 11:28
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.