468,532 Members | 1,629 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,532 developers. It's quick & easy.

Disappearing cookies after login.aspx

I am implementing a secure website using the ASP.NET FormsAuthentication
model. I have taken the simplest code examples from MSDN
(login.aspx,default.aspx, web.config) but cannot get proper behavior on my

As an unauthenticated user, I navigate to the website http://localhost/XXX.
global.Authenticate_Request considers sending default.apsx but cannot find
any authentication cookie in the Context object, so the request is
redirected to login.aspx. Just as advertised.

Now, I perform a login through login.aspx. When RedirectFromLoginPage is
called by login.aspx, global.Authenticate_Request is again invoked. But no
authentication cookie is present in the Context object, so the request is
once again redirected to login.aspx.

I modified the login.aspx login_click behavior to explicitly create a Ticket
and Cookie (unencrypted), place it in the Context.Response collection. I
verify the presence of the new cookie with the debugger before login_click
terminates. Next, I watch the global application's Authenticate_Request
with the debugger and see that the Context.Response.Cookies collection is

Here is my development environment:
1) W2K Pro SP5
2) IIS 5.0
3) Visual Studio .NET 2003, .Net Framework 1.1
4) Zone Alarm Pro 3.0
5) Norton Antivirus

LAN is wireless. Access point is also a router. Router is configured to use
Zone Alarm security settings from localhost.

I have tried out this application in the following ways, all exhibiting the
same behavior:
1) IE 6 Browser session on localhost.
2) Mozilla browser session on localhost
3) IE 6 browser session on another machine on the intranet

I tried shutting down ZAPro, disabling autostart and rebooting, to no avail.
I checked the privacy settings and have the following set:
Allow session and persistent cookies
Block 3rd party cookies.

I toyed around with IIS but don't really know what I'm doing so gave up and
recreated the website. No change in behavior (ARRGH!).

If I modify login.aspx to make the user authentication a persistent cookie,
the same behavior occurs initially, but a subsequent browser session will
bring up default.aspx.

WHAT IS HAPPENING TO MY COOKIES? I am losing my cookies over these lost

Another fact:
When I installed VS.NET on localhost, IIS 5 wasn't installed. I later
installed IIS, and ran a .NET tool to map .NET into IIS. I also ran the
VS.NAT install to atttempt to repair anything that got screwed up because
IIS wasn't there on the initial install.

Nothing I have done has resolved the problem. I figure that this problem is
due to the configuration of localhost.


You help is much-appreciated. Thanks in advance.

Jeff Bartels
Nov 18 '05 #1
0 1989

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Beginner | last post: by
1 post views Thread by frekster | last post: by
1 post views Thread by frolda | last post: by
6 posts views Thread by BizWorld | last post: by
reply views Thread by PolarBears | last post: by
2 posts views Thread by vikramp | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.