Re: Forms Authentication issues

From: eric.olstad@xxxxxxxxx
Date: 1 Feb 2006 06:05:05 -0800

I don't know.  The module authentication has been heavily tested and it
works.  Otherwise, I wouldn't be able to get past the login page.
Basically, what I am doing is loading the module, calling its
Authenticate(...) method (which returns a boolean) and then calling
RedirectFromLoginPage(username, false).  If the credentials fail, an
error message is shown on the login page.  If they succeed, I am
successfully redirected to the next page which in this case is the
Default.aspx.

If I hit refresh on Default.aspx, sometimes it works and refreshes.
Other times it will log me out and redirect me back to the login page.
The events shown above appear in the event log on the server.

I just tested something else...  The Default.aspx is derived from a
master page with a few images for the header and some text for the
footer.  There is an asp:LinkButton called LogOut that has a handler
that calls FormsAuthentication.SignOut() and
FormsAuthentication.RedirecToLoginPage().  Page_Load handler does
nothing.

What I noticed is that pages derived from the master page, when
refreshed, throw the CryptographicException causing me to log out, but
pages that are independent do not no matter how many times I refresh.

Could it have something to do with the fact that the master pages are
kept in another folder?  I'm not familiar with the methods in which
ASP.NET creates, encrypts and decrypts the authentication ticket (the
cookie).  Could that actually be causing the problem?  And if so, what
is the preferred way to do the master pages?  I was told that Microsoft
prefers the master pages to be kept in a seperate folder.

.

Follow-Ups:
- Re: Forms Authentication issues
  - From: eric . olstad

Prev by Date: Re: Page Directive & Dreamweaver??
Next by Date: Re: Forms Authentication issues
Previous by thread: Session is deleted when building project
Next by thread: Re: Forms Authentication issues
Index(es):
- Date
- Thread