Re: Persist login does not work
From: Svein Terje Gaup (stgaup_at_broadpark.no.spam)
Date: 05/24/04
- Previous message: Svein Terje Gaup: "Re: Persist login does not work"
- In reply to: Eric Marvets: "Re: Persist login does not work"
- Next in thread: Eric Marvets: "Re: Persist login does not work"
- Reply: Eric Marvets: "Re: Persist login does not work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 24 May 2004 01:10:53 +0200
It doesn't seem to be working anyway.
This is whats happening:
1. btnLogon_Click =>
- Creates a new ticket with roles, encrypts it, adds it to a cookie
- If "Persist" is checked I set the Expires to Now + 365 days (but I
shouldn't have to should I, because I've already passed the "Persist"
parameter both when creating the ticket, and I pass it when getting the
RedirectURL)
- Then the cookie is added to the Response.cookies collection.
- Then the logon page redirects back to the calling page, calling
FormsAuthentication.GetRedirectUrl, and passing again "true" for the Persist
parameter.
2. Now Application_AuthenticateRequest in Global.asax is invoked. This is
what happens:
- The authentication cookie is retrieved from the Request.Cookies
collection. This is where something must have gone wrong, because now the
expiration is no longer set.
- By your advise, I now should set the expiration again. However, how am I
to know what the expiration was set to on the login page? It is no longer
set. I could pass it using Session, but I shouldn't have to or what? If I do
set the expiration to, say 60 minutes, then when I close the browser after
logging on, I am still logged on when entering the website in a new browser
session, but not because I checked "Persist logon", and not for 365 days as
I would have wished.
- I use the Set method to reset the cookie in the Response.Cookies
collection.
I have made a for-loop that writes out the cookies collection at the bottom
of the page redirected to from the logon page. This page shows two cookies
named "AuthCookie". One has expiration set to "1/1/1" the other to 60
minutes in the future.
So any more suggestions?
Why doesn't the cookie get persisted when the persist option is set?
Regards
Svein Terje Gaup
"Eric Marvets" <ericm@bangproject.com> wrote in message
news:O%23FgXoPQEHA.2520@TK2MSFTNGP11.phx.gbl...
> Do this:
>
> <existing code>
>
> // Create a cookie and add the encrypted ticket to the cookie as data.
> HttpCookie authCookie = new
HttpCookie(FormsAuthentication.FormsCookieName,
> encryptedTicket);
>
> </existing code>
>
> <add>
>
> authCookie.Expires = DateTime.Now.AddMinutes(60);
>
> </add>
>
> <existing code>
>
> // Add the cookie to the outgoing cookies collection.
> Response.Cookies.Add(authCookie);
>
> </existing code>
>
> Then in the Application_AuthenticateRequest event, after you finish
> extracting the roles, reset the exipration of the Cookie and replace it in
> the Response.
>
>
> --
> Eric Marvets
> Principal Consultant
>
> the bang project
>
> <shameless self promotion>
>
> Email sales@bangproject.com for Information on Our Architecture and
> Mentoring Services
>
> </shameless self promotion>
>
>
- Previous message: Svein Terje Gaup: "Re: Persist login does not work"
- In reply to: Eric Marvets: "Re: Persist login does not work"
- Next in thread: Eric Marvets: "Re: Persist login does not work"
- Reply: Eric Marvets: "Re: Persist login does not work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
