On the other thread, you have an answer about this problem:
Session["loggedIn"] = true;
Response.Redire ct("redirectedP age.aspx");
If so, it will never work properly, as the session cookie is never set. In
order to set, you have to send info to the client. The redirect bombs that.
I do not, however, think that this is your problem, as you state the app
works on one box. This means there is something different in configuration
between the servers. You can search high and low, but your architecture is
also a problem.
Checking Session("var") for login is an ASP model, not ASPX. It is not wise
to keep this sort of architecture in ASP.NET. The proper model is to set up a
Principle object and use it for Identity. If the current ASP.NET mechanism
does not work for you, you will have to set up a custom provider.
In ASP.NET, the correct model is to set up a form and use Forms
authentication. If you TRULY want cookieless (setting session vars is not
cookieless, BTW), you set a value in the config file and allow it to add
session ID to the URL. In most cases, turning off cookies does not turn off
session cookies (difference between user and server cookies), so there is
little danger, but you can allow the munging.
The benefit of this system is you can follow the .NET model 100% and allow
the Framework to handle your authentication needs, rather than rewrite
ASP.NET to look like ASP.
---
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
*************** ************
Think Outside the Box!
*************** ************
"ywz" wrote:
Hi All,
I built a web application using cookieless session. It merely checks
for the session variable value upon login. This method works fine on
the host pc.
However, when i try to access the application via another pc in the
network, the login page redirects to itself even though the correct
passwd and usename is entered. I did a response.write and realise that
the value of the session variable is not set. How can i solve this
prob?
Any Help is greatly appreciated.
Tks...ywz