Forms Authentication

T

Tony

I wonder if anyone can help.

We have web application using Forms Authentication that works
perfectly ok in all environments, but in the production environment
the forms authentication isn't timing out and returning the user to a
login screen. Instead it tries to load the requested page and falls
over on a multiple control id. Remember these errors don't happen in
the Development and Testing environments.

Another interesting point is, if I set the persistence of the cookie
to true it doesn't write the cookie. The application continues to
work, but obviously doesn't remember the user on a return (as the
cookie isn't there). This happens in all environments.

Event logs show no indication of the worker process being recycled and
everthing seems to be ok.

Any ideas or suggestions?
 
S

Svein Terje Gaup

Regarding your second issue, the one with the persist that doesn't work. I
stumbled into the same issue working my way through this example:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT04.asp

The example itself does not offer persisance of the logon cookie, so I tried
to extend it. The only way to set any kind of persistance is by setting it
inside the Global.asax.cs "Application_AuthnenticateRequest" event handler.

In the Logon-button click-event handler, I create a xml document which I
store inside the FormsAuthenticationTicket. The xml document contains a
value indicating wether to persist the cookie or not. If true, I set the
"Expiration" of the cookie to 365 days from now, and then replace updated
values into the cookie:

//Reset the expiration of the cookie
if(persist) {
authCookie.Expires = DateTime.Now.AddDays(365); }
//Replace updated cookie into Response
Context.Response.Cookies.Set(authCookie);

You may download the complete code from here:
http://www.geocities.com/gaupen/NETStuff.htm
The example is called "GenericPrincipalApp".

Your first problem is trickier, and I'm sorry to say I can't offer you much
help from the description you have given. What do you mean by "a multiple
control id"? Do you have the exact error message? Could you perhaps show
some code samples?

Perhaps you could check for a valid authentication cookie in
Application_AuthnenticateRequest, and do a "FormsAuthentication.Logout()" if
there isn't one.

Sincerely
Svein Terje Gaup
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Authentication Cookie Expiration Problem for SSO 1
Create Forms Authentication Ticket with MachineKeys 9
Forms authentication not working right 1
Create Forms Authentication Ticket with Machine Keys 1
Forms Authentication and Authentication Cookie 3
Windows 2003 Server, Web Farm, Forms Authentication, SlidingExpiration 0
Windows authentication times out (?) 0
forms authentication -- expired forms cookie vs. not provided forms cookie 2

Members online

No members online now.
Total: 26 (members: 0, guests: 26)
Robots: 449

Forum statistics

Threads
473,770
Messages
2,569,583
Members
45,073
Latest member
DarinCeden

Latest Threads

Top