tags:

views:

202

answers:

2
+1  Q: 

asp:Login control, remember me is not remembering me

Hi all,

I have an ASP.NET login control on a page, with the "Remember Me" checkbox displayed. I have checked in trace and the authentication cookie is being created, I have sliding expiration set and a timeout of 60000, yet when I return to the website the login is not being remembered.

Any ideas where else I can check?

Thanks,

Darryl

A: 

I've found that whenever any problems are potentially related to cookies, that Firecookie is an invaluable tool for finding out what is actually going on...

davidsleeps  2010-04-12 11:25:05
The cookie is being set - from trace:EAAAuthCookie 62A7CC6485422A2393A3BDD015293F45E0652A3B23A5089C7D500235D288A17934B365C553159D9CB53F0A28516E3A3F48FC40435EAE0E00DDBC47F4B15774902845F1E8D21722AC068DD727C809FAAA754E8DF268FE672397A076D5469EF1CDA2099859DBDB5A70287E8091575C8689 238
Gogster  2010-04-12 11:42:25
have you checked the expiration date in FireCookie? Make sure it isn't set to "Session"...otherwise it'll behave as you describe...
davidsleeps  2010-04-12 12:45:19
+1  A: 

Correct! The Remember Me checkbox doesn't do anything for you and why should it?

After succesful login; you could create the cookie from code and (when entering the page or masterpage or whatever) attempt to read the previously made cookie to get your credentials.

Or you could use the SetAuthCookie when using FormsAuthentication; reference: http://msdn.microsoft.com/en-us/library/sxb3b282(vs.71).aspx

riffnl  2010-04-12 11:33:01
Yeah sorry, I am setting the auth cookie, here is the code:private void OnAuthenticate(Object sender, EventArgs e) { if (Membership.ValidateUser(UserName.Text, Password.Text)) { if (chkRememberMe.Checked) { FormsAuthentication.SetAuthCookie(UserName.Text, true); } else { FormsAuthentication.SetAuthCookie(UserName.Text, false); } Response.Redirect("/members"); } else { Response.Redirect("/login?lif=true"); } }
Gogster  2010-04-12 11:40:06
Are you reading the formsauth cookie when you enter the page afterwards? (silly question perhaps)
riffnl  2010-04-12 16:55:03
Apparently not that silly... d'oh!
Gogster  2010-04-13 14:25:19

related questions

Store user id in Principal or Identity? ASP.Net/OpenID.
Converting Single DB ASP.NET Site into MultiTenant - Membership and Roles Dilema
customize asp.net membership by changing "userid" type to integer
ASP Membership cannot handle encrypted connection strings in web.config
what is the best way to make some pages in asp.net require login?
Looking for a Yahoo Groups (CMS) replacement
Why should I Use ASP.NET Membership security model?
ASP.NET: Does implementing a custom MembershipProvider class needs you to implement a custom Membership class too?
How to set the Principal in an ASP.Net app
How can you test if an ASP.NET membership password will meet configured complexity requirements?
ExpressionEngine Multiple Site Manager and Member Groups
Locking out a user in an ASP .Net Custom Membership Provider
ASP.NET Application to authenticate to Active Directory or SQL via Windows Authentication or Forms Authentication
Not using e-mail address in a custom MembershipProvider?
How to get current user in Asp.Net MVC
programmatic login with .net membership provider
ASP.NET Forms Authentication With Only UserName
Unit test Custom membership provider with NUnit throws null reference error
How to access UserId in ASP.NET Membership without using Membership.GetUser() ?
How can I wire users with their respective folders in ASP.NET?
Grabbing Users with a specific value in their profile
How do you pass an authenticaticated session between app domains
What's the best way to authenticate over WCF?
Memcached chunk limit
ASP.NET Site Maps