|
-
Sep 18th, 2006, 11:09 AM
#1
Thread Starter
Frenzied Member
URL Rewriting with Forms Authentication (v1.1)
I have a website that uses URL rewriting in the global.asax file to ensure nice tidy URLs e.g. /contact/default.aspx rewrites to /html/template.aspx?PageID=139
However I now want to implement forms authentication on some sections of the site for example I want to protect the merchandise section (/merchandise/*.aspx). However as this directory doesn't actually exist it doesn't work.
I read this was because I'm doing the URL rewriting in the Application_BeginRequest method and forms authentication is not happening until after this therefore meaning that the URL is already rewritten before it checks to see if it is in the merchandise directory.
I'll also read this could be avoided by moving the URL rewriting into the Application_AuthorizeRequest method however when I do this it throws 404 errors for every page and weirdly the 404's are for the actual existing page not the original URL. I've tracked this down thsi problem to the fact that the querystring at the end of the rewritten URL seems to screw this up right royally - if removed it works fine. Unfortunately I need it as it distinguises between pages!
Has anyone experienced this? Is there a way to get this to work?
Cheers
DJ
If I have been helpful please rate my post. If I haven't tell me!
-
Sep 18th, 2006, 01:17 PM
#2
Re: URL Rewriting with Forms Authentication (v1.1)
Use the IHttpModule.OnBeginRequest method? 
DNN (www.dotnetnuke.com) uses a UrlRewrite class - perfect example - from (e.g) http://site/tabid/5 to http://site/default.aspx?tabid=5
-
Sep 19th, 2006, 03:12 AM
#3
Thread Starter
Frenzied Member
Re: URL Rewriting with Forms Authentication (v1.1)
That's not the problem. I've tried rewriting on BeginRequest but need to delay the rewriting until the forms authentication kicks in.
If I have been helpful please rate my post. If I haven't tell me!
-
Sep 19th, 2006, 04:36 AM
#4
Re: URL Rewriting with Forms Authentication (v1.1)
Which querystring parameters do you mean, the ones that are there as part of your application or the ones added on as a result of forms authentication?
-
Sep 19th, 2006, 05:09 AM
#5
Thread Starter
Frenzied Member
Re: URL Rewriting with Forms Authentication (v1.1)
Sorry should have been clearer.
It is the querystring parameters in the rewritten URL e.g. the rewritten path should become /html/template.aspx?PageID=139 but this causes a 404 to be thrown. If the PageID parameter is removed it works but obviously isn't a lot of use to me.
Dave
If I have been helpful please rate my post. If I haven't tell me!
-
Sep 19th, 2006, 08:13 AM
#6
Re: URL Rewriting with Forms Authentication (v1.1)
Alright, so this is just a guess, but go into the Configuration for your Virtual Directory in IIS, and for .aspx pages, uncheck the box that says 'Verify that file exists'.
But it's not a situation I'm familiar with. You have gotten the procedure right, to rewrite the URL in the Authorization event, but perhaps that is what requires more investigation (though I can't tell you how or what). I'll bail, sorry.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|