Solved

ASP.Net 2.2 Custom Forms Authentication Not Working

Posted on 2008-06-13
6
240 Views
Last Modified: 2012-05-05
I am trying to get some very basic user authentication setup with Forms Authentication and a custom database.

(test.aspx)
Users.AuthenticateUser("admin", "admin", true);
Response.Redirect("test2.aspx");

(test2.aspx)
Response.Write(Users.IsAuthed());
Response.Write(Users.GetUserDetails());

------------------------------------------------------------------

AuthenticateUser() checks the database with a SELECT statement looking for a username/password match, then sets the AuthCookie. I've tried this both ways below, but neither works.

      //first try
      FormsAuthentication.SetAuthCookie(ds.Tables[0].Rows[0]["user_id"].ToString(), remember_login);
      
      //second try
      FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(2, username, DateTime.Now, DateTime.Now.AddYears(10), true, "", FormsAuthentication.FormsCookiePath);

      HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket).ToString());
      cookie.HttpOnly = true;
      cookie.Path = FormsAuthentication.FormsCookiePath;
      cookie.Secure = FormsAuthentication.RequireSSL;
      cookie.Expires = ticket.Expiration;

      System.Web.HttpContext.Current.Response.Cookies.Clear();
      System.Web.HttpContext.Current.Response.Cookies.Add(cookie);

------------------------------------------------------------------

IsAuthed() is getting the User.Identity.IsAuthenticated property, but it always returns false.

GetUserDetails() is also returning -1, meaning User.Identity.Name is not returning a correct value either.

------------------------------------------------------------------

In my Web.Config

<forms
      name="SqlAuthCookie"
      path="/login"
      domain="http://www.storytalers.com"
      defaultUrl="~/admin/default.aspx"
      loginUrl="~/admin/login.aspx"
      timeout="120"
      cookieless="UseCookies" />
0
Comment
Question by:stephen_rushing
  • 4
6 Comments
 
LVL 33

Accepted Solution

by:
raterus earned 125 total points
ID: 21780214
Get rid of that path variable in web.config, unless EVERY page they could ever visit is under that directory.  Clear the cookies on the browser, and try again.
0
 

Author Comment

by:stephen_rushing
ID: 21780321
Thanks for the quick response!

The problem was the path and domain. I am developing locally, so neither should have been there. I added the path in the troubleshooting process, but just removing the domain would have saved me an hour or two and some frustration. Anyways, it all appears to be working perfectly now! Thanks again.
0
 

Author Closing Comment

by:stephen_rushing
ID: 31466973
Thanks for bringing my attention to the path attribute.
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 6

Expert Comment

by:rafayali
ID: 21780340
Are you using ASPNETDB.MDF as database?

I see that you mention custom database, so you probably are not using ASPNETDB. Ignore the q above. So, how are you accessing this custom database?

That is, did you extend MembershipProvider Class?

Or, Did you just create a new class Users and wrote all logic in AuthenticateUser?

What is the code for AuthenticateUser?

Is the SQL in AuthenticateUser() returning correct resultset?

I think the best approach in this case would be to extend the MembershipProvider or SQLMembershipProvider.

Let me know the answers to the questions above.
0
 

Author Comment

by:stephen_rushing
ID: 21780356
In case that wasn't 110% clear for future questioners, here's the resulting forms node in my web.config.

<forms name="SqlAuthCookie" defaultUrl="~test2.aspx" loginUrl="~test.aspx" timeout="120" cookieless="UseCookies"/>
0
 

Author Comment

by:stephen_rushing
ID: 21780429
Thanks for your answer, rafayali. The "correct" database access was the path I was headed down in troubleshooting, but just didn't seem to be yielding anything.

I had confirmed AuthenticateUser was returning a result row from the database matching the username/pw.

Users is a custom class, not an extension. I've done very little OOP coding, so this project is a big learning experience. The finished product will be a Flex interface, so my ultimate goal is to interact with these classes via Flex. I'm not sure what benefit i might get by extending MembershipProvider.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Hey Audio! 3 28
What are the best practices for updating dead links to valid ones? 6 34
VB: Convert 2 dates to specific format 24 48
asp enable view state 1 24
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now