views:

47

answers:

2

Whenever cookies are disabled in my browser and then i try to login on login page it unable to create session and so unable to login in system. Then i change the cookie setting to

<sessionState cookieless="true" timeout="20" />

in my web.config and then try to login Post action of the login function it doesnt call and whenever i input username and password and sumbit it, it call simple login action instead of Post one. What is the issue?

A: 

You shouldn't confuse session with authentication. If you are using Forms Authentication a separate cookie will be used to track authenticated users. Here's a good article explaining how to enable cookieless forms authentication. You could set the cookieless attribute on the <forms> element.

Darin Dimitrov
im not using form authentication instead i have built my own login mechanism. I just want to login user whenever cookies are disabled in user browser
Fraz Sundal
A: 

Quote:

"im not using form authentication instead i have built my own login mechanism. I just want to login user whenever cookies are disabled in user browser"

End Quote

That's the problem with rolling your own login: you lose all the benefits of using Membership Providers. You should cast your "own login mechanism" into a custom membership provider so that you can benefit from what ASP.NET provides out of the box.

Writing a custom membership provider is not difficult, and there are loads of articles, samples and blogs on the subject.

4guysfromrolla.com, for example, has a series of articles dedicated to the ASP.NET membership provider.

awrigley