Forms Authentication logs out very quickly , locally works fine !!!

Question

Hello to all,

There's a problem that i am facing with my hosting company, I use a project that uses FormsAuthentication and the problem is that though it successfully logs in, it logs out VERY QUICKLY, and i don't know what could be the cause of that, so in my web.config file i added those lines:

<authentication mode="Forms" >
  <forms name="Nadim" loginUrl="Login.aspx" defaultUrl="Default.aspx" protection="All" path="/" requireSSL="false"/>
</authentication>
<authorization>
  <deny users ="?" />
</authorization>


<sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424"  cookieless="false"  timeout="1440">
</sessionState>

and this is the code i use in my custom login page :

protected void PasswordCustomValidator_ServerValidate(object source, ServerValidateEventArgs args)
    {
        try
        {
            UsersSqlDataSource.SelectParameters.Clear();
            UsersSqlDataSource.SelectCommand = "Select * From Admins Where AdminID='" + IDTextBox.Text + "' and Password='" + PassTextBox.Text + "'";
            UsersSqlDataSource.SelectCommandType = SqlDataSourceCommandType.Text;

            UsersSqlDataSource.DataSourceMode = SqlDataSourceMode.DataReader;

            reader = (SqlDataReader)UsersSqlDataSource.Select(DataSourceSelectArguments.Empty);
            if (reader.HasRows)
            {
                reader.Read();
                if (RememberCheckBox.Checked == true)
                    Page.Response.Cookies["Admin"].Expires = DateTime.Now.AddDays(5);
                args.IsValid = true;

                string userData = "ApplicationSpecific data for this user.";

                FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(1, IDTextBox.Text, System.DateTime.Now, System.DateTime.Now.AddMinutes(30), true, userData, FormsAuthentication.FormsCookiePath);
                string encTicket = FormsAuthentication.Encrypt(ticket1);
                Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
                Response.Redirect(FormsAuthentication.GetRedirectUrl(IDTextBox.Text, RememberCheckBox.Checked));

                //FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked);
            }
            else
                args.IsValid = false;

        }
        catch (SqlException ex)
        {
            ErrorLabel.Text = ex.Message;
        }
        catch (InvalidOperationException)
        {
            args.IsValid = false;
        }
        catch (Exception ex)
        {
            ErrorLabel.Text = ex.Message;
        }

Also you will find that line of code: FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked); is commented because i thought there might be something wrong with the ticket when i log in , so i created it manually , every thing i know i tried but nothing worked, so does anyone have any idea what is the problem ? Thanks in advance, Baher.

Answer 1

I think your problem maybe in the stateConnectionString="tcpip=localhost:42424" maybe you need to setup a different URL for your provider.

Answer 2

You are modifying things that don't need to be modified.

Remove the Response.Redirect(FormsAuthentication line, uncomment the redirect and try replacing your listed config with

<authentication mode="Forms" />
<authorization>
  <deny users ="?" />
</authorization>
<sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424"  cookieless="false"  timeout="1440"/>