Re: When does the Roles/Username get set in HTTPContext?



ah i see - paths are case sensitive - Urls aren't - that may have caused the problem..


-----
Dominick Baier (http://www.leastprivilege.com)

Hi,

Figured it out. I removed the path= attribute in the forms auth in
web.cofig and set a timeout of 60 minutes. For some reason that fixed
the problem.

Thanks for the help! Fiddler rocks!!

Rob

"Dominick Baier" wrote:

there must be a Set-Cookie header coming from the server and
subsequest cookies headers from the client...

-----
Dominick Baier (http://www.leastprivilege.com)
So I ran Fiddler and tracked the session traffic. I did not
specifically see anything like a cookie being written local,
although I did see the 302 redirect to my next page. Would a cookie
show up as a specific content-type that's being written?

Rob

"Dominick Baier" wrote:

no thats fine. If there are no events handled, the control will
call Membership.ValidateUser and afterwards
FormsAuthentication.RedirectFromLoginPage()

Try a tool like www.fiddlertool.com to sniff the http traffic - is
the cookie set? is a redirect done?



.



Relevant Pages

  • Re: asp.net login contol using url redirect
    ... Dominick Baier [DevelopMentor] wrote: ... > You have to manually issue the cookie and set the Domain property on the ... >> If however I include the site in a frame on another site, e.g., ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Question about cookie protection and FormsAuthentication.Encry
    ... The FormsAuthenticationModule has to read the cookie on every request - the protection setting tells the module if the cookie is ought to be encrypted and signed. ... Dominick Baier ... a ticket and use it to logon to your application - thats the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: When does the Roles/Username get set in HTTPContext?
    ... there must be a Set-Cookie header coming from the server and subsequest cookies headers from the client... ... Dominick Baier ... I did see the 302 redirect to my next page. ... Would a cookie show up as ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Cookie expires after 30 mins when I set longer expiring time..
    ... Because I want to allow users to custom the expiring time of their cookie. ... "Dominick Baier" wrote: ... following codes to set the expire time of cookie to 3 days. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: FormsAuthentication.SignOut(); doesnt work...
    ... use a tool like www.fiddlertool.com to check if the cookie is really cleared... ... Dominick Baier - DevelopMentor ... > After 'logging off', ...
    (microsoft.public.dotnet.framework.aspnet.security)