Hi,

I'm developing a custom registration/login system for an episerver website.
When logging in via my custom login.aspx site with the standard asp Login control everything is ok. I wan't the users to be redirected to a "User Account start page", and this is also working perfectly by catching the OnLoggedIn event and do a redirect to this user page.

However, the problem occurs when I try to restrict the user account page for only authenticated users. First I wrote my own authentication check on this specific page which is working, but I thought it would be better to set the "Access Rights" in EPiServer admin mode to only let authenticated users have access to this, and other, restricted pages.

But when I login, and it is trying to redirect me to the restricted page, I'm in instead being redirected to the default /util/login.aspx page and has to login once again before I can access the page I want. This seems very strange to me because if I just login and skip the redirect code, and then manually go to the restricted page, it is perfectly accessible.

I thought it should be enough to redirect the user once the OnLoggedIn event occurs, but apparantly I am missing something here.

This is my redirect code:

PageReference m_userPageRef = GetPage(PageReference.StartPage)["UserPage"] as PageReference;
if (m_userPageRef != null)
Response.Redirect(GetPage(m_userPageRef).LinkURL, true);

where "UserPage" is a pagelink property of my startpage.

I shall also metion that I am using custom membership/role providers, but that 
should not be the issue since switching to the default providers gives me the same
problem. 

Any help and suggestions really appreciated!