adding cookie

[masoud bayan]

I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie

If chkPersist.Enabled Then

objCookie = New HttpCookie("strUsername", txtUserName.Text)

objCookie.Expires = DateAdd("yyyy", 1, Now())

Else

objCookie = New HttpCookie("strUsername", "")

objCookie.Expires = Now

End If

Response.Cookies.Add(objCookie)

and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.

but now with forms authentication when I add such a cookie to cookies I can not access it later.

Please let me have your experience or comments in this regards.



Thanks

 

[Raterus]

Sure you want to do this? I just say this, because to put their username/password back in that box, it is going to have to be stored as plain text on the users computer.....bad idea for many reasons. If you just let the forms authentication cookie persist, they are automatically logged in, no need to see a login page, and the cookie is stored with a good amount of encryption.

But if you want to do it your way, don't allow them to persist the cookie, and then just set a cookie with their username password and load it in (if it exists) when they load up the page.

'set storage cookie
Dim authCookie as HttpCookie = new HttpCookie("auth")
authCookie("username") = txtUsername.text
authCookie("password") = txtPassword.text
Response.Cookies.Add(authCookie)
....
'recall storage cookie
If not Request.Cookies("auth") is nothing
txtUserName.text = Request.Cookies("auth")("username")
txtPassword.text = Request.Cookies("auth"("password")
end if

--Michael


I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie

If chkPersist.Enabled Then

objCookie = New HttpCookie("strUsername", txtUserName.Text)

objCookie.Expires = DateAdd("yyyy", 1, Now())

Else

objCookie = New HttpCookie("strUsername", "")

objCookie.Expires = Now

End If

Response.Cookies.Add(objCookie)

and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.

but now with forms authentication when I add such a cookie to cookies I can not access it later.

Please let me have your experience or comments in this regards.



Thanks

 

[masoud bayan]

Thanks Micheal, It works.
Actually I do not keep password just user name also becasue of security I do not want to make cookie persistance.

Sure you want to do this? I just say this, because to put their username/password back in that box, it is going to have to be stored as plain text on the users computer.....bad idea for many reasons. If you just let the forms authentication cookie persist, they are automatically logged in, no need to see a login page, and the cookie is stored with a good amount of encryption.

But if you want to do it your way, don't allow them to persist the cookie, and then just set a cookie with their username password and load it in (if it exists) when they load up the page.

'set storage cookie
Dim authCookie as HttpCookie = new HttpCookie("auth")
authCookie("username") = txtUsername.text
authCookie("password") = txtPassword.text
Response.Cookies.Add(authCookie)
...
'recall storage cookie
If not Request.Cookies("auth") is nothing
txtUserName.text = Request.Cookies("auth")("username")
txtPassword.text = Request.Cookies("auth"("password")
end if

--Michael


I have a forms authenticated asp.net web application. in login page there is a check box which when is checked user name should be kept for next login time.
I know there is an option as --- FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.checked) ----- to persist cookie across sessions but my application is different. I just want to save user name in a cookie (not authorized user) in order that when he opens browser and redirect his browser to login page he has not to enter his user name in user name text box. to do this in an non forms authentication based app I used to just add following code in login page:
Dim objCookie As HttpCookie

If chkPersist.Enabled Then

objCookie = New HttpCookie("strUsername", txtUserName.Text)

objCookie.Expires = DateAdd("yyyy", 1, Now())

Else

objCookie = New HttpCookie("strUsername", "")

objCookie.Expires = Now

End If

Response.Cookies.Add(objCookie)

and also in the beginning of login page whenever always check for this cookie and retrieve user name and show in text box.

but now with forms authentication when I add such a cookie to cookies I can not access it later.

Please let me have your experience or comments in this regards.



Thanks