I m using "FormsAuthentication" in coded in to validate the users , I m maintaining username in sessions to processing , the problem is when i copy the URL and paste in Firefox Browser its not Redirecting to Login page, But it is working fine in Case of IE browser. I m checking the sessions values and Redirecting to Login when it is not authenticated its works only for IE. I need for Firefox Browser. Could any suggest me some method.


do you use: if (User.Identity.IsAuthenticated)

you don't have to store it in a session. you can access the user object :)

and did you use FormsAuthentication.RedirectFromLoginPage() and/or

if (!User.Identity.IsAuthenticated)

if you use the login control do you have something in the code like this on the onclick of the asp:login control:

if (FormsAuthentication.Authenticate(username.Text, password.Text))
     FormsAuthentication.RedirectFromLoginPage(username.Text, true);

and something like this in the web.config:

    <authentication mode="Forms">
      <forms loginUrl="login.aspx" protection="All" timeout="30">
        <credentials passwordFormat="Clear">
          <user name="devhood" password="password"/>
          <user name="someguy" password="password"/>
JP Hellemons
I have a usercontrol for Menus, there i placed this code if(!HttpContext.Current.User.Identity.IsAuthenticated) FormsAuthentication.RedirectToLoginPage();but still it is not working. How to modify it, FireFox is storing Session values that s the trouble i think, how to resolve it.plz
how do you authenticate? can you post the code for it plz?
JP Hellemons
In the WebForms i m checking Like this: if (User.Identity.IsAuthenticated) { if ((Session["strRole"] != null iUserID = Convert.ToInt32(Session["iUserID"]); } else FormsAuthentication.RedirectToLoginPage(); } else FormsAuthentication.RedirectToLoginPage();
hi capsoft, In User control I m Checking like this: if(!HttpContext.Current.User.Identity.IsAuthenticated) FormsAuthentication.RedirectToLoginPage();
@masilami ok, but how do you set the cookie on the login? do you use the <asp:login ... control? do you have events to that control?
JP Hellemons
I m not using cookies but instead placing the values in sessions. and I dont use Login control too
@masilami it's ok if you don't use the asp:login but you should use: FormsAuthentication.RedirectFromLoginPage(username.Text, true);
JP Hellemons
Hi Caspsoft , thanks for ur suggestions , its working previously i left the second parameter so it was troubling me but now its working .. Thanks 4 ur help
@masilamani your welcome
JP Hellemons

If you are using FormsAuthentication, I recommend not to merge with Session. This combination gave us lot of pain in past. When you are using FormsAuthentication you can call Membership.GetUser() which will return you with the MembershipUser object of currently logged in user and if the user is not logged-in, it will return null.

So you can bind your redirect logic around this and check if the user is logged-in or not. Yes you can keep the Username in session for some other purpose.

this. __curious_geek