Home/ Questions/Q 582963
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T14:44:32+00:00

I am using ASP.NET MVC, on my login action I am doing: [AcceptVerbs(POST)] public

  • 0

I am using ASP.NET MVC, on my login action I am doing:

[AcceptVerbs("POST")]
public ActionResult Login(FormCollection form)
{
    User validatedUser = // tests username/pwd here.

    FormsAuthentication.RedirectFromLoginPage(
        validatedUser.ID.ToString(), rememberMe);

    if(String.IsNullOrEmpty(Request["ReturnUrl"]))
        string redirectUrl = Request["ReturnUrl"];

    if (!String.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
        string redirectUrl = Request["ReturnUrl"];
}

My url looks like this when I am on the login page:

http://localhost:56112/user/login?ReturnUrl=/admin/settings

Does anything look wrong here?

My web.config:

<authentication mode="Forms">
    <forms loginUrl="/user/login"
        protection="All"
        timeout="30"
        name="SomeCookie"
        requireSSL="false"
        slidingExpiration="true"
        defaultUrl="default.aspx" />
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would recommend you against using RedirectFromLoginPage method in an MVC application. It would be better to perform redirects using standard ASP.NET MVC techniques. You may use SetAuthCookie method:

    public ActionResult Login(FormCollection form)
{
    // ...
    FormsAuthentication.SetAuthCookie(validatedUser.ID.ToString(), rememberMe);
    // ...
    return Redirect(FormsAuthentication.DefaultUrl); // will read default url from web.config
}
    • 0