6

I have to deal with a legacy asp.net mvc app, which is not configured as I am used to. After a normal logout via:

FormsAuthentication.SignOut();

and

return RedirectToAction("Index", "Home");

the URI contains:

ReturnUrl=%2f

This is not usually the case. How can I suppress this?

Alternatively, when I try to access a page that requires authentication/authorization the login page appears but no appropriate ReturnUrl= is generated (i.e. the URI stays as it is).

Is this an IIS issue, which I have read somewhere, or is the asp.net FormsAuthenticationModule not properly configured? Thanks.

Improve this question
6
  • May be related? stackoverflow.com/questions/8205368/… Commented Feb 23, 2013 at 5:29
  • Came across this before posting ... don't think so though. Commented Feb 23, 2013 at 5:31
  • What version of MVC are you using? Commented Feb 27, 2013 at 3:51
  • I am using 3.0. Thanks. Commented Feb 27, 2013 at 5:48
  • How does it behave in Cassini? If it fails there as well, then it is not an IIS problem. If it has proper returnUrl there, then it likely is IIS problem. Can you post your authentication element of system.web in web.config file? Commented Feb 28, 2013 at 23:22

3 Answers 3

Reset to default
2

ReturnUrl is added during an unauthorized redirect. Someone appears to be redirecting the root url (/) to itself or to Home/Index. %2f is the encoded form of "/".

I would check the authorization section of the web.config for something that looks wrong.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

In my case my returnUrl was pointing to LogOff on Login. It turned out the LogOff Action needed [AllowAnonymous] attribute
0

This is depends on you routing, right? If you have this as you last route configuration: 

routes.MapRoute(
 "Default", 
 "{controller}/{action}/{id}", 
new { controller = "Home", action = "Index", id = UrlParameter.Optional });
Improve this answer

Comments

0

If nothing works then add authentication mode="Windows" in your system.web attribute in your Web.Config file. hope it will work for you.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.