I have a login page where I authenticate the user. When the authentication pass, I then redirect the user to another page via Response.Redirect with the url defined in login control's destinationpageurl.
It work fine in firefox but when i test it with IE. It just redirect the user back to the login page.
does anyone know what's going on here?
Is there a restriction on the page that the user is getting redirected to in terms of security? Could it be an issue where in IE you have it locked down so it won't save cookies, and so when the user gets redirected, they get sent back to the login page since it appears they have not logged in (when in reality they did, it's just the next page couldn't tell that).
I would try using Fiddler to confirm that (to see if you do send a request to the next page or not).
I have
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
and
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
name=".ASPXFORMSAUTH"
protection="All"
timeout="30"
requireSSL="false"
slidingExpiration="true"
enableCrossAppRedirects="false">
</forms>
</authentication>
in my web.config. It did make the request to the Default.aspx page after the login page then redirect back to login in page. I have confirm it using fiddler.