views:

46

answers:

1

Hi, I am using Forms Authentication in my VS-2005 website.

In case of wrong credentials or while explicitly requesting protected pages the website is able to redirect user to login page. However, when correct login credentials are provided the application is not able to redirect the user to the desired page.

While debugging I found that 'Request.IsAuthenticated=False' just before I redirect the user to the desired page. While coding I thought that this property will be set to true automatically after I generate the Authentication ticket. So do I need to set it explicitly inside the submit button click on Login page after validation?

BTW I have not used the 'GetAuthcookie', 'SetAuthCookie' or 'RedirectFromLoginPage' methods. I am posting the code inside the submit button click on the Login page as well as the Authentication and Authorization tags in web.config.

<authentication mode="Forms">
  <forms name=".ASPXFORMSDEMO" loginUrl="~/Login.aspx" cookieless="UseCookies"   path="~/"/>
</authentication>
<authorization>
  <deny users="?"/>
</authorization>

Protected Sub btnsubmit_click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnsubmit.Click
    'here first validate if the user is valid user
    ad = New Aranya_Data
    Dim code As Integer = ad.validateuser(txtuserid.Text, txtpwd.Text)

    'need to implement forms authentication here
    If code = 0 Then
        'creating the authentication ticket

        Dim tkt As FormsAuthenticationTicket
        Dim cookiestr As String = ""
        Dim ck As HttpCookie
        tkt = New FormsAuthenticationTicket(1, txtuserid.Text, DateTime.Now, DateTime.Now.AddMinutes(30), chkRemember.Checked, "14062010")
        cookiestr = FormsAuthentication.Encrypt(tkt)
        ck = New HttpCookie(FormsAuthentication.FormsCookieName, cookiestr)
        If chkRemember.Checked Then
            ck.Expires = tkt.Expiration
        End If
        ck.Path = FormsAuthentication.FormsCookiePath
        Response.Cookies.Add(ck)
        Dim strRedirect As String = ""
        strRedirect = Request("ReturnUrl")
        If strRedirect Is Nothing Then
            strRedirect = "~/Second.aspx"
        End If
        Response.Redirect(strRedirect & "?usr=" & tkt.Name, True)
    Else
        MsgBox("Invalid Login credentials! Please try again.", MsgBoxStyle.OkOnly, "Please Note")
    End If

End Sub

Please let me know if you want me to post more code or information.

A: 

Hi,

I managed to find a solution and it works now.

Inside the 'authentication' tags removed the 'path' attribute for the 'forms' tag in web.config this fixed the issue. Now my authentication tag looks as follows :-

<authentication mode="Forms">
  <forms name=".ASPXFORMSDEMO" loginUrl="~/Login.aspx" cookieless="UseCookies" />
</authentication>

Thanks

sujimon