By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,389 Members | 2,065 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,389 IT Pros & Developers. It's quick & easy.

Disappearing cookies after login.aspx

P: n/a
I am implementing a secure website using the ASP.NET FormsAuthentication
model. I have taken the simplest code examples from MSDN
(login.aspx,default.aspx, web.config) but cannot get proper behavior on my
machine.

As an unauthenticated user, I navigate to the website http://localhost/XXX.
global.Authenticate_Request considers sending default.apsx but cannot find
any authentication cookie in the Context object, so the request is
redirected to login.aspx. Just as advertised.

Now, I perform a login through login.aspx. When RedirectFromLoginPage is
called by login.aspx, global.Authenticate_Request is again invoked. But no
authentication cookie is present in the Context object, so the request is
once again redirected to login.aspx.

I modified the login.aspx login_click behavior to explicitly create a Ticket
and Cookie (unencrypted), place it in the Context.Response collection. I
verify the presence of the new cookie with the debugger before login_click
terminates. Next, I watch the global application's Authenticate_Request
with the debugger and see that the Context.Response.Cookies collection is
empty!

Here is my development environment:
1) W2K Pro SP5
2) IIS 5.0
3) Visual Studio .NET 2003, .Net Framework 1.1
4) Zone Alarm Pro 3.0
5) Norton Antivirus

LAN is wireless. Access point is also a router. Router is configured to use
Zone Alarm security settings from localhost.

I have tried out this application in the following ways, all exhibiting the
same behavior:
1) IE 6 Browser session on localhost.
2) Mozilla browser session on localhost
3) IE 6 browser session on another machine on the intranet

I tried shutting down ZAPro, disabling autostart and rebooting, to no avail.
I checked the privacy settings and have the following set:
Allow session and persistent cookies
Block 3rd party cookies.

I toyed around with IIS but don't really know what I'm doing so gave up and
recreated the website. No change in behavior (ARRGH!).

If I modify login.aspx to make the user authentication a persistent cookie,
the same behavior occurs initially, but a subsequent browser session will
bring up default.aspx.

WHAT IS HAPPENING TO MY COOKIES? I am losing my cookies over these lost
cookies!

Another fact:
When I installed VS.NET on localhost, IIS 5 wasn't installed. I later
installed IIS, and ran a .NET tool to map .NET into IIS. I also ran the
VS.NAT install to atttempt to repair anything that got screwed up because
IIS wasn't there on the initial install.

Nothing I have done has resolved the problem. I figure that this problem is
due to the configuration of localhost.

CAN ANYONE HELP ME???????

You help is much-appreciated. Thanks in advance.

Jeff Bartels
je*********@usa.net
Nov 18 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.