I have a MVC project with forms authentication.
Basically it works fine: The user wants to access a controller with
Authorize-Attribute and gets redirected to login-page if not authenticated. On redirect the parameter
returnUrl gets forwarded as well.
However, in case the first try of the login fails, the return to the page does not work anymore. I think the
returnUrl gets changed to the account controller after the first try because it case the last page before the current login try. So authentication still seems to work but the user stays on the login page and doesn't get redirected to the page he was before.
Is there a way to prevent
returnUrl from being changed after the first failed login?