470,863 Members | 1,142 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,863 developers. It's quick & easy.

Re-authenticate prior to server.transfer

I am posting a form with data which has timed-out and forced a login. I
assumed that the following code would re-authenticate the session
(assuming the supplied userName and password are correct) but it does
not. Can anyone suggest the solution?

if FormsAuthentication.Authenticate(tbUserName.Text, tbPassword.Text) then
FormsAuthentication.SetAuthCookie(tbUsername.Text, false)
Server.Transfer("destinationPage.aspx", true)

'This works, but doesn't transfer the form data.
'FormsAuthentication.RedirectFromLoginPage(tbUsern ame.Text, false)
else
lblMessage.Text = "<font color=red>Sorry, " & _
"invalid username or password!</FONT><P>"
end if

Nov 19 '05 #1
2 1386
To persist a cookie, you must allow a response to get back to the client,
which is what the RedirectFromLoginPage does. The Server.Transfer transfers
page execution at the server level, not the client level, so your auth
cookie never gets to the client for your required authentication.

You'll need to find a way to persist your form values using a
response.redirect, not a server.transfer, using this method. Perhaps save
this data in the session, DB or other means.

--

- Paul Glavich
ASP.NET MVP
ASPInsider (www.aspinsiders.com)
"Alfred Salton" <al***********@hotmail.com> wrote in message
news:2005021415522216807%alfredsalton@hotmailcom.. .
I am posting a form with data which has timed-out and forced a login. I
assumed that the following code would re-authenticate the session
(assuming the supplied userName and password are correct) but it does
not. Can anyone suggest the solution?

if FormsAuthentication.Authenticate(tbUserName.Text, tbPassword.Text) then
FormsAuthentication.SetAuthCookie(tbUsername.Text, false)
Server.Transfer("destinationPage.aspx", true)

'This works, but doesn't transfer the form data.
'FormsAuthentication.RedirectFromLoginPage(tbUsern ame.Text, false)
else
lblMessage.Text = "<font color=red>Sorry, " & _
"invalid username or password!</FONT><P>"
end if

Nov 19 '05 #2
On 2005-02-15 05:18:18 -0700, "Paul Glavich [MVP ASP.NET]"
<gl**@aspalliane.com-NOSPAM> said:
To persist a cookie, you must allow a response to get back to the client,
which is what the RedirectFromLoginPage does. The Server.Transfer transfers
page execution at the server level, not the client level, so your auth
cookie never gets to the client for your required authentication.

You'll need to find a way to persist your form values using a
response.redirect, not a server.transfer, using this method. Perhaps save
this data in the session, DB or other means.


So I'd like to re-establish the authentication on the server - surely
this is possible. The server already knows the ultimate destination
URL, the form data and the user credentials.
Nov 19 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

By using this site, you agree to our Privacy Policy and Terms of Use.