FormsAuthentication.Authenticate authenticates but doesn't redirect

I have an application in whose pages are free to view to every one however in it I have added a folder called "Demo" that needs protection and a login page.

In my web.config i have:

    <authentication mode="Forms" >
      <forms loginUrl="Admin.aspx" defaultUrl="DemoFolder/Demo.aspx" name=".ASPNETAUTH" protection="None" path="/" timeout="20" >
        <credentials passwordFormat="Clear">
          <user name="joe" password="test" />

In the location section I have:

  <location path="Demo">
        <deny users="?"/>

And in my login_click() event I have:

            if (FormsAuthentication.Authenticate(txtUserName.Text, txtPassword.Text))
                Msg.Text = "Login failed. Please check your user name and password and try again.";

The Authenticate method definitely works because if I put the wrong passowrkd the Msg.Text will be executed. I have very similar code elsewhere and it works.

Any ideas welcome.
Who is Participating?
YiogiConnect With a Mentor Commented:
Everything looks ok to me, except from the fact that you don't set your authentication cookie anywhere. Since you have a set url to redirect to and you don't want to use RedirectFromLoginPage method you should manually set the cookie. So before Response.Redirect please add this line:

        FormsAuthentication.SetAuthCookie(userName, false);

You can replace false with true to persist the authentication cookie for 50 years. RedirectFromLoginPage sets the cookie for you but you are not using it.
ilyrianAuthor Commented:
Spot on Yiogi, I know it was something to do with the Authentication cookie but it was not doing it for me. You line of code was all that was missing.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.