I have a web application using cookieless forms authentication. Every day my event log has a ton of 4005 error codes (Forms authentication failed for the request). I believe this is happening because users are bookmarking pages while they are logged in so when they revisit the forms ticket in the url has expired, atleast this is the only scenario I can trigger in testing.
My question is it possible to disable logging for this 4005 code ? its filling up my event log
Not an answer to your question, and I'm not even familiar with ASP. But if, just like for example PHPSESSID and jsessionid, this "forms ticket in the url" is actually a session id that is also added to the URL for anonymous visitors, then maybe search engines can cause this error as well? And if so: doesn't that break your search scores?
You can handle the error so it does not appear in the log
'in global.asax
Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)
' Code that runs when an unhandled error occurs
Dim lastError As Exception = Server.GetLastError()
' Must be a better way, just can remember how, you will get the idea.
If lastError.Message.Contains("Forms authentication failed for the request") Then
'do nothing
Server.ClearError()
End If
End Sub
If you can use cookies, its a much better solution than cookieless mode because your users will get to use bookmarks, which they'd surely expect to be able to do, and your error log will not be filled with errors. Its also less vulnerable to session hijacking.