Forms Authentication

Hi,
we have an ASP application under C# talking to MS SQL 2000, it has no
problem with windows authentication for almost 200 users who are registered
in Active Directory. Application has several different folders though.

Now we are going to use a copy wide open in the internet, for more users,
under SSL and Forms Authentication.

based on Microsoft best practice, we have users table having userId and
hashed passwords.
passwords are Hashed using forms salt and encryption. no problem with that,
but cookies are not extended when client is sending posts. I tried to
manually extend it in Global file under:
Application_AuthenticateRequest by using let say myCookie.Expires =
DateTime.Now.AddMinutes(1);

but nothing!

and something else, when cookies are expired, user is sometimes sent to Log
On page, sometime not! and when not, there is a prompt for userid and PW
which doesn't help at all.

any note? or resources in the internet? (found some basic examples but
nothing more)



Thanks,

Vaf





.

Relevant Pages

  • Forms Authentication
    ... problem with windows authentication for almost 200 users who are registered ... hashed passwords. ... but cookies are not extended when client is sending posts. ... manually extend it in Global file under: ...
    (microsoft.public.dotnet.framework.aspnet)
  • Forms Authentication and Cookies
    ... problem with windows authentication for almost 200 users who are registered ... hashed passwords. ... but cookies are not extended when client is sending posts. ... manually extend it in Global file under: ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Cookies
    ... i'm using windows authentication. ... Maybe you have some sort of spyware ... in which i dont set the value of the cookies at any ... > Software Engineer, Infosys Technologies Limited. ...
    (microsoft.public.dotnet.framework.aspnet)