Solved

FormsAuthentication.Authenticate authenticates but doesn't redirect

Posted on 2011-02-12
2
372 Views
Last Modified: 2013-12-17
Hi,
I have an asp.net application in whose pages are free to view to every one however in it I have added a folder called "Demo" that needs protection and a login page.

In my web.config i have:

    <authentication mode="Forms" >
      <forms loginUrl="Admin.aspx" defaultUrl="DemoFolder/Demo.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
        <credentials passwordFormat="Clear">
          <user name="joe" password="test" />
        </credentials>
      </forms>
    </authentication>

In the location section I have:

  <location path="Demo">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>

And in my login_click() event I have:

            if (FormsAuthentication.Authenticate(txtUserName.Text, txtPassword.Text))
            {
                Response.Redirect("~/DemoFolder/Demo.aspx");    
            }
            else
            {
                Msg.Text = "Login failed. Please check your user name and password and try again.";
            }

The Authenticate method definitely works because if I put the wrong passowrkd the Msg.Text will be executed. I have very similar code elsewhere and it works.

Any ideas welcome.
0
Comment
Question by:ilyrian
2 Comments
 
LVL 8

Accepted Solution

by:
Yiogi earned 500 total points
ID: 34880789
Everything looks ok to me, except from the fact that you don't set your authentication cookie anywhere. Since you have a set url to redirect to and you don't want to use RedirectFromLoginPage method you should manually set the cookie. So before Response.Redirect please add this line:

        FormsAuthentication.SetAuthCookie(userName, false);

You can replace false with true to persist the authentication cookie for 50 years. RedirectFromLoginPage sets the cookie for you but you are not using it.
0
 

Author Closing Comment

by:ilyrian
ID: 34882567
Spot on Yiogi, I know it was something to do with the Authentication cookie but it was not doing it for me. You line of code was all that was missing.
Thanks
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question