Home/ Questions/Q 7823143
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T08:08:32+00:00

Hopefully this is simple. I have a fairly simple ASP.NET (framework version 2) app

  • 0

Hopefully this is simple. I have a fairly simple ASP.NET (framework version 2) app that uses a custom table for user validation. Anyway I have two pages, login and registration. You can guess what the purpose is. The user is supposed to be able to request registration by clicking the registration link – which is a form with a submit button that does some database calls to see if the user is existing and so forth. The login page uses a authentication cookie for verification. I am using forms authentication – this is in my web.config:

    <authentication mode="Forms">
        <forms loginUrl="logon.aspx" name="adAuthCookie" timeout="30" path="/" defaultUrl="~/logon.aspx">
        </forms>
    </authentication>

Every time I do a http call to the registration page (ie by typing in http://localhost/registration.aspx – it redirects to the login page.

The global.asax.cs file has this in there – it’s an authentication check. I want to disable this check if the requesting page is the registration page – since users do not need to be authenticated to visit this page. Any ideas how to do this?

void Application_AuthenticateRequest(object sender, EventArgs e)
{
    string cookieName = FormsAuthentication.FormsCookieName;
    HttpCookie authCookie = Context.Request.Cookies[cookieName];

    if (null == authCookie)
    {
        //There is no authentication cookie.
        return; // right here it will return null then redirect to login.aspx
    }
    FormsAuthenticationTicket authTicket = null;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (Exception ex)
    {
        //Write the exception to the Event Log.
        return;
    }
    if (null == authTicket)
    {
        //Cookie failed to decrypt.
        return;
    }
    //When the ticket was created, the UserData property was assigned a
    //pipe-delimited string of group names.
    string[] groups = authTicket.UserData.Split(new char[] { '|' });
    //Create an Identity.
    GenericIdentity id = new GenericIdentity(authTicket.Name, "LdapAuthentication");
    //This principal flows throughout the request.
    GenericPrincipal principal = new GenericPrincipal(id, groups);
    Context.User = principal;
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can configure access in your web.config. Here’s an example of what I would do:

    <location path="register.aspx"> //path here is path to your register.aspx
    <system.web>
        <authorization>
            <allow users="*"/> // this will allow access to everyone to register.aspx
        </authorization>
    </system.web>
</location>
    • 0