This is driving me crazy.. i have one login page, and my code basically says in all the protected pages:

If not user.identity.isauthenticated = true then server.transfer("Login.aspx")

End if

 But it always redirects to my Default.aspx after a sucessful login!! I need it to transfer them to the protected page they were planning on going to!

Anyone have any ideas on this? 

The login control has a property called DestinationPageURL where you would set the page you want to go to on a successful log in.  You could also do this programically in the login's LoggedIn event.

Bart

 Im aware of that property, but how do i tell it to go to the last page the person was at before it got to the login page?  I was told this was automatic if you didnt set the DestinationPageURL property.

Yes by default the user is returned back to the page where she/he clicked the LogIn button (I'm assuming you're using the LoginStatus Control). 

Mnemonic:

I need it to transfer them to the protected page they were planning on going to!

In your application, the user the user would have clicked the Login button when they were already at the protected page.

From what I can tell, you have a Login button on the Default.aspx page that you click to login so it's always going to redirect you back to the Default.aspx page.  Change the DestinationPageURL property and see if that works.  If not then try it in the code behind.

Bart

Let me explain my layout a little better.

I have a Login control on my default page, and then a page called Login.aspx which contains a Login control and a Create User control.  

 All protected pages have code in the page_load that says if they are not logged in, to transfer them to login.aspx.  but after they leave login.aspx, it brings them back to default... no matter what.  I need them to be redirected to the page they were originally coming from, which will be dynamic.
 

O I see what you mean now.  Sorry.  That's a very good question (I just tried it myself and the same thing is happening).  The only solution I'm able to come up with is if you put the protected pages in a folder and then use the ASP.NET Configuration tool to grant access to that folder to all users but deny access to annonomous users.  I just tried it and that works.

Hope that was some help.

Bart

You don't have to!  Sorry should've told you last time.  You don't need to change any of your pages.  Just remove the code for the redirect and ASP automatically handles it for you.  Just put all the pages in the folder and deny access to unauthorized users.  This way when the use clicks a link to a protected page, ASP checks to see if they authorized, if not it goes to the login page, which after successful login goes to the protected page they originally wanted to go to.

Bart

Correct me if i'm wrong, but wouldnt putting the pages in folders change the link to those pages? instead of ../Authorizedpage.aspx wouldnt it now be ../Authorized/AuthorizedPage.aspx?

Also, do you mean set permissions in windows? I'm using forms based SQL authentication...

You're right about the links, sorry went a little brain dead there.  You would use the ASP.NET Configuration tool which is under Website in the top menu.  This loads up a new web page that is used to configure your site.

Click the Security Tab, the first box will say if you're using Windows or Form based authentication.  Change it if you need to.  In the Access Rules box select Create Access Rules.  In the Tree on the left click the folder you want to restrict access to.  Select All Users and Allow.  Click OK.

Now click on Create Access Rules again, click the same folder, select Annonymous Users and select Deny.  Click OK.

You have to create the access rules in this order, otherwise the annonymous user will always recieve a Forbidden error message. 

And you're all set to go.  Since the pages are in the folder, the same access rules will apply to them.  Now when the user clicks a link to a protected page, ASP will automatically check to see if the user is authenticated and if not redirect to the login page.  After a successful login the use will be taken to the page.  The only down part, like you said, is that you have to change the links.  Sorry.

Hope that helps,
Bart

 I moved all my files into a new folder, and i got 99 errors from all my control settings for ajax toolkit things and so on... there has to be an easier way to do this,...

What about passing the login.aspx page with a querystring of the last page it was at, like page.previouspage? 

Use the following to redirect the user to the login page from all your other pages...

System.Web.Security.FormsAuthentication.RedirectToLoginPage()