URL Redirection

Suneel Jhangiani asked on November 5, 2018 13:37

Hi Guys,

I'm looking for a suggestion on the best way to force a user to a page. Basically have a field added to the user settings table and need to redirect the user based on that field no matter what page they are visiting. The content of the field has a few varieties and the URL to redirect to would be different for each user. If the field has no value then the user can continue as normal.

So that things are clear the site is using the Portal engine on Kentico 11.

Correct Answer

Brenden Kehren answered on November 5, 2018 18:16

Ok then simply create a webpart which checks the current authenticated users property. If it's there redirect them. If it's not there or the user is public, leave them alone. This webpart would be placed on the master page. Then this only executes for users accessing the public site and not the /admin interface.

3 votesVote for this answer Unmark Correct answer

Recent Answers


Brenden Kehren answered on November 5, 2018 14:17

I'd suggest reading this article. The code is in the marketplace for download. We've done some customization to it though to allow for https/http and passing the URL parameters through.

0 votesVote for this answer Mark as a Correct answer

Suneel Jhangiani answered on November 5, 2018 16:02

Brenden, I did see that article before posing the question here. A key think is that I am looking for a way to redirect a user who is authenticated and limit their use of the site.

From looking through various docs, I think I should implement a Customer Handler for the RequestEvents.PostAuthorize - in the handler I check if the user is athenticated and if they need to be redirected (ie. if they are on the right page they should not be redirected - infinite loop).

0 votesVote for this answer Mark as a Correct answer

Brenden Kehren answered on November 5, 2018 16:11

Ok so when do you force them to this page? Only on authentication?

Secondly, are the users doing any editing on the site or just users on the site who have roles assigned to them to view, for example, account information? Reason I ask is Kentico already has a "starting url/path" for content editors.

0 votesVote for this answer Mark as a Correct answer

Suneel Jhangiani answered on November 5, 2018 17:04

It's to force live site users to go through sign-up wizards depending on their user type. So, they do not have access to the backend, and it's not really a permanent starting url / path. The idea is they can only use the Wizard until they go through the whole thing.

I've written block in the RequestEvents.PostAuthorize event and it appears to work - I just need to see what happens to other elements that may be linked (ie. what if media library images are linked to the wizards). For the initial page it does appear to work.

0 votesVote for this answer Mark as a Correct answer

Brenden Kehren answered on November 5, 2018 17:24

I think you're looking too deep into this. Simply use the SecurityEvents.Authenticate.Execute global event. When the user is authenticating, do a look up and see if they have a value in the field, if not, redirect them. If you can't do it in a global event, then clone the custom logon form and do it there.

1 votesVote for this answer Mark as a Correct answer

Suneel Jhangiani answered on November 5, 2018 18:12

Brenden,

I hear what you are saying, but doing this on authentication will only redirect them at that time. Nothing to stop the user once they are redirected to visit another page by manually typing the URL. By doing it in the RequestEvents.PostAuthorize it will be triggered on each page and hence if they have typed in a different url they will be sent back to the Wizard.

It's an odd requirement in that anonymous users have basic access to the site, whilst members have more detailed info - this is controlled using Roles in the web parts to display the additional info. Visitors need to be able to sign-up automatically but need to complete the wizard hence why the idea is to restrict them from visiting any page until the wizard is complete.

I think I am on the right track given the requirements above. Just not sure I'm using the right Request event - perhaps the RequestEvents.Authenticate is a better place?

0 votesVote for this answer Mark as a Correct answer

Zach Perry answered on November 5, 2018 19:35

I agree with Brenden on adding a webpart to the master page that handles redirecting the user, this is similar to how the Group Security Access web part works if you want an example to look at.

1 votesVote for this answer Mark as a Correct answer

Suneel Jhangiani answered on November 5, 2018 21:41

Just to update, the Web Part is the right way to go since the code will only be executed once for each page request (using the RequestEvents.PostAuthorize could cause issues for other elements on the page - ie. if you try to display a media library image on a wizard page).

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.