I developed a small web app using the FormsAuthentication class to set a
cookie (FormsAuthentication.SetAuthCookie(value, isPersist)). The cookie
persists fine on my local PC when "isPersist" is true and I can see the
cookie file in the cookies folder on my disk. However, after I migrated the
application to a server, the cookie is no longer written to the disk. It's
still in memory and as long as I don't close the browser instance, the user
is kept authenticated, but the cookie just doesn't persist to the disk.
It's exactly the same build and the virtual dirs are the same too. Any
environment change I have to make to the .NET framework on the server?
Thanks for any suggestions.
Bob
2  2526 
"BH" <bo*******@yahoo.com> wrote in message
news:Oq**************@TK2MSFTNGP09.phx.gbl... Both my PC and the server are on the same Windows network domain if that's
what you meant.
No. I meant domain in terms of cookies. For instance, for a cookie set for
http://msdn.microsoft.com could be set for domain "msdn.microsoft.com", in
which case it would be sent to all pages under msdn.microsoft.com or
foo.msdn.microsoft.com. It would not be sent to www.microsoft.com. But if
the domain were set to "microsoft.com", the cookie would be sent both to
msdn.microsoft.com and www.microsoft.com.
The domain for http://localhost/ is string.Empty.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
I also found that any authentication ticket created and added to
Response.Cookies doesn't persist. However, if I just add a plain cookie
(like the two lines below), it persists regardless whether the web app is
on my PC or on the server.
Response.Cookies["test"].Value = "abc";
Response.Cookies["test"].Expires = DateTime.Now().AddDays(3);
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:uM**************@TK2MSFTNGP10.phx.gbl... "BH" <bo*******@yahoo.com> wrote in message
news:u9**************@TK2MSFTNGP09.phx.gbl... I developed a small web app using the FormsAuthentication class to set
a cookie (FormsAuthentication.SetAuthCookie(value, isPersist)). The cookie persists fine on my local PC when "isPersist" is true and I can see
the cookie file in the cookies folder on my disk. However, after I
migrated the application to a server, the cookie is no longer written to the disk.
It's still in memory and as long as I don't close the browser instance, the
user is kept authenticated, but the cookie just doesn't persist to the
disk. It's exactly the same build and the virtual dirs are the same too.
Any environment change I have to make to the .NET framework on the server?
This sounds like it might be an issue with browser security settings.
Your browser is willing to accept the cookie, but is not willing to persist
it.
Is the domain different between your server and your local PC? Is it
being set when your code is running on the server?
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
ic, but I don't see how you can set the cookie domain when calling
FormsAuthentication.SetAuthCookie.
Another thing is I tried the app directly in IE on the server via Terminal
Service using the http://localhost/myApp , the cookie is not written to the
disk either....
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:OR**************@TK2MSFTNGP12.phx.gbl... "BH" <bo*******@yahoo.com> wrote in message
news:Oq**************@TK2MSFTNGP09.phx.gbl... Both my PC and the server are on the same Windows network domain if
that's what you meant.
No. I meant domain in terms of cookies. For instance, for a cookie set for
http://msdn.microsoft.com could be set for domain "msdn.microsoft.com", in
which case it would be sent to all pages under msdn.microsoft.com or
foo.msdn.microsoft.com. It would not be sent to www.microsoft.com. But if
the domain were set to "microsoft.com", the cookie would be sent both to
msdn.microsoft.com and www.microsoft.com.
The domain for http://localhost/ is string.Empty.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
I also found that any authentication ticket created and added to
Response.Cookies doesn't persist. However, if I just add a plain cookie
(like the two lines below), it persists regardless whether the web app
is on my PC or on the server.
Response.Cookies["test"].Value = "abc";
Response.Cookies["test"].Expires = DateTime.Now().AddDays(3);
"John Saunders" <jo***********@surfcontrol.com> wrote in message
news:uM**************@TK2MSFTNGP10.phx.gbl... "BH" <bo*******@yahoo.com> wrote in message
news:u9**************@TK2MSFTNGP09.phx.gbl...
> I developed a small web app using the FormsAuthentication class to
set a > cookie (FormsAuthentication.SetAuthCookie(value, isPersist)). The
cookie > persists fine on my local PC when "isPersist" is true and I can see the > cookie file in the cookies folder on my disk. However, after I migrated the
> application to a server, the cookie is no longer written to the
disk. It's
> still in memory and as long as I don't close the browser instance,
the user
> is kept authenticated, but the cookie just doesn't persist to the
disk. > It's exactly the same build and the virtual dirs are the same too. Any > environment change I have to make to the .NET framework on the
server?
This sounds like it might be an issue with browser security settings. Your browser is willing to accept the cookie, but is not willing to persist it.
Is the domain different between your server and your local PC? Is it being set when your code is running on the server?
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Stefano Mostarda |
last post by:
Hi buddies,
I have a question.
I want to use the forms authentication in my web app.
My user login. The cookie is stored in the client machine and some
important information is stored in...
|
by: Gavin Stevens |
last post by:
I'm trying to figure out the ASP.NET Forms Auth
I have 3 or 4 pages i want to allow anonymous access to.. Then I have 5 or 6 pages I placed in another directory in the webproject. These I want...
|
by: mike parr |
last post by:
I'm using forms authentication and on my first page I want to check if
the user has a cookie, and if they do I want to authenticate then and
send them to my default page with a greeting, otherwise...
|
by: Lloyd Sheen |
last post by:
Way too many times while debugging I click a menu button to go to a page
which needs authentication to happen. The logon form is not shown. I have
closed VS2003, stopped IIS and restarted but to...
|
by: I am Sam |
last post by:
Can someone tell me what is wrong with this code? When I test it it does
nothing but return to the log in page. As far as I can see the web.config is
working fine and the authentication element...
|
by: pv_kannan |
last post by:
I recently found out that my authentication cookies are not expiring
even though I have set the persist property to false. As a result,
users are able to access the secure websites with indifferent...
|
by: Randall Parker |
last post by:
Some questions on forms authentication:
1) Can one do one's own checking of username and password and totally bypass calling
FormsAuthentication.Authenticate?
2) does the "new...
|
by: Mark Olbert |
last post by:
I'm building an ASPNET2 website which uses forms authentication but does not use the Microsoft-supplied membership providers (mostly
because I don't want to create my own provider at this point, and...
|
by: =?Utf-8?B?R3V1czEyMw==?= |
last post by:
Hi,
I created a web site on a remote server. To logon the user must enter a user
id and password. The site is uses Forms Authentication.
The web config file looks as follows:
...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
