Re: Redirect not working

From: Mark Miller (mark_no_s_p_am__at_maxpreps.com)
Date: 12/30/04 

Date: Thu, 30 Dec 2004 10:48:15 -0800

As far as I can tell you have protection set to "All" which uses encryption
for the cookie. But you are not ecrypting the cookie before you write it to
the Response stream. I'm not sure how to encrypt a cookie after calling
GetAuthCookie() but an alternative is to create a FormsAuthentication ticket
and then use the FormsAuthentication.Encrypt() method passing in the ticket.
Your sample it should give you the exact same functionality you need. Here's
a sample:

//create ticket
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(30), true,
string.Empty);
//encrypt ticket and capture string result
string sEncryptedTicket = FormsAuthentication.Encrypt( ticket );
//create a new cookie and add it to the Response stream
Response.Cookies.Add( new System.Web.HttpCookie(
FormsAuthentication.FormsCookieName, sEncryptedTicket ) );

I hope that helps.

Regards,
Mark

"Ldraw" <Ldraw@discussions.microsoft.com> wrote in message
news:5A215232-5333-4AA1-BA5E-F4AC3BD5FFAE@microsoft.com...
>I have looked at all the Redirect questions on this site without finding a
> resoultion
> to my redirect problem. I am using sample code to verify a user and
> password from a login page but although the verification is successful and
> I
> can see that the return url is where I need to go I am continously looped
> back to the login page.
> Cookies are enabled. See code example below.
>
> --WebConfig--
> <authentication mode="Forms">
> <forms name="TestLoginAthu" path="/" loginUrl="WebForm1.aspx"
> protection="All" timeout="30">
> <credentials passwordFormat="Clear">
> <user name="jeff" password="test" />
> <user name="mike" password="test" />
> </credentials>
> </forms>
> </authentication>
>
> --Code Behind
>
> HttpCookie cookie = FormsAuthentication.GetAuthCookie ( TextBox1.Text,
> CheckBox1.Checked );
> // Expires in 30 days, 12 hours and 30 minutes from today.
> cookie.Expires = DateTime.Now.Add(new TimeSpan(30, 12, 30, 0));
> Response.Cookies.Add (cookie);
> string strUrl = FormsAuthentication.GetRedirectUrl ( TextBox1.Text,
> CheckBox1.Checked );
> Response.Redirect( strUrl );

Relevant Pages

  • Re: Cookies Expiring due to different time zones.
    ... post to your aspx login, sending the cookie's date in a hidden field ... set the aspx login cookie using the date/time in the hidden field ... This is the code I am using to create the ticket, ... Your problem is that you're using an extremely short time for the cookie expiration. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: using a shared session
    ... you will have to pass the ticket to site. ... they will be prompted for a login. ... | We have 3 different web applications on three different websites (and ... | and is saved in the cookie for that session. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Cookies Expiring due to different time zones.
    ... cookie is setting time according to my server. ... just not able to login. ... perfectly fine on my PC and many other PCs which have correct time. ... This is the code I am using to create the ticket, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Forms Authentication Roles based
    ... I am creating an application which has 3 roleswith login ... FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( ... // "true" for a persistent user cookie ... string hash = FormsAuthentication.Encrypt; ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • cookie value being garbled.
    ... Each request to the site refreshes the ticket (stored in a cookie). ... together then the next request after the login OK page receives ...
    (microsoft.public.dotnet.framework.aspnet)