Re: Why I remain signed on (auth/authorization)?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

I have, in the Pricay tab of IE's Options, set "Block All Cookies".
I tried to test this with FireFox. Running under localhost FireFox presents
me with a windows logon popup asking for my windows account logon ( and
ignoring <authentication mode="Forms">. Then when I go to restriced page it
doesnt even ask for login and gives me the page. Bypassing the whole thing!
....

"Brock Allen" <ballen@xxxxxxxxxxxxxxxxx> wrote in message
news:1139189632609270738906250@xxxxxxxxxxxxxxxxxxxxxxx
> Not sure without seeing your setup, but I'd guess that you've not really
> disabled cookies in IE? *shrug*
>
> -Brock
> DevelopMentor
> http://staff.develop.com/ballen
>
>
>
>> Thanks a lot Brock.
>> That solves my problem. I'm still wondering how ASP.NET manages to use
>> cookies to accomplish the siging process while I have disabled cookies
>> completey in IE.
>> "Brock Allen" <ballen@xxxxxxxxxxxxxxxxx> wrote in message
>> news:1136531632609120437812500@xxxxxxxxxxxxxxxxxxxxxxx
>>
>>> Pass false as the 2nd parameter to RedirectFromLoginPage.
>>>
>>> -Brock
>>> DevelopMentor
>>> http://staff.develop.com/ballen
>>>> When i sign on using
>>>>
>>>> <authentication mode="Forms">
>>>> <forms loginUrl="LogIn.aspx"/>
>>>> </authentication>
>>>> My login code is:
>>>> If MyCheckPassword(name, pwd) Then
>>>> FormsAuthentication.RedirectFromLoginPage(name, True)
>>>> End If
>>>> So far so good. What happens is that once I have signed in I remain
>>>> signed in even cross application restarts. How can I set the
>>>> authorization cookie to expire with e.g., session expiration?
>>>> Also, I have all cookies disabled in my browser. How does the
>>>> authorization cookie get set anyway? This a different kind of
>>>> cookie?
>>>>
>>>> Thanks much.
>>>> Dee
>
>
>


.

Relevant Pages

  • Re: Why I remain signed on (auth/authorization)?
    ... Running under localhost FireFox presents me with a windows logon popup asking for my windows account logon (and ignoring. ... I'm still wondering how ASP.NET manages to use cookies to accomplish the siging process while I have disabled cookies completey in IE. "Brock Allen" wrote in message ... How can I set the authorization cookie to expire with e.g., ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: XML Webservice authentication
    ... so you have a web application which already does authentication using forms and on some pages you call a webservice..? ... Dominick Baier - DevelopMentor ... technology, the only solution I can see is to use cookies, but I am ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom RoleProvider question -- saving roles
    ... Dominick Baier - DevelopMentor ... I set the authentication to use cookies in web.config as follows ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom RoleProvider question -- saving roles
    ... roles are cached in a cookie called .aspxroles by default - the caching and persistence settings are in ... the settings configures how the authentication ticket state is maintained. ... Dominick Baier - DevelopMentor ... I set the authentication to use cookies in web.config as follows ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Why I remain signed on (auth/authorization)?
    ... cookies to accomplish the siging process while I have disabled cookies ... >> authorization cookie to expire with e.g., ...
    (microsoft.public.dotnet.framework.aspnet)