Hi there,
I've created an application which is using Forms-based authentification.
My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now the users name
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, sUserName, DateTime.Now, DateTime.Now.AddMinutes(20),false,
nRoleID.ToString(),FormsAuthentication.FormsCookie Path);
// encrypt the ticket
string sEncTicket = FormsAuthentication.Encrypt(ticket);
// set the cookie
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,
sEncTicket));
It seems to work ok. But if I later use FormsAuthentication.SignOut() in
order to remove the Ticket, the ticket does not get removed. Why is this?
Thanks in advance!
Matthias
4  8294 
"Matthias S." <postamt@_remove_emvoid_remove_.de> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Hi there,
I've created an application which is using Forms-based authentification.
My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now the users name
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, sUserName, DateTime.Now, DateTime.Now.AddMinutes(20),false,
nRoleID.ToString(),FormsAuthentication.FormsCookie Path);
// encrypt the ticket
string sEncTicket = FormsAuthentication.Encrypt(ticket);
// set the cookie
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,
sEncTicket));
It seems to work ok. But if I later use FormsAuthentication.SignOut() in
order to remove the Ticket, the ticket does not get removed. Why is this?
Have you tried it with FormsAuthentication.SetAuthCookie() instead. This is
what I use and it seems to work, but I am not quite sure how this differs
from the method you are using.
Thanks in advance!
Matthias
Hi,
I can't use the SetAuthCookie, since I have to assign a specific role to
the user. But starting the authenticated session works fine, only ending
it seems problematically.
Matthias
Andy Fish wrote: "Matthias S." <postamt@_remove_emvoid_remove_.de> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Hi there,
I've created an application which is using Forms-based authentification.
My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now the users name
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, sUserName, DateTime.Now, DateTime.Now.AddMinutes(20),false,
nRoleID.ToString(),FormsAuthentication.FormsCook iePath);
// encrypt the ticket
string sEncTicket = FormsAuthentication.Encrypt(ticket);
// set the cookie
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,
sEncTicket));
It seems to work ok. But if I later use FormsAuthentication.SignOut() in
order to remove the Ticket, the ticket does not get removed. Why is this?
Have you tried it with FormsAuthentication.SetAuthCookie() instead. This is
what I use and it seems to work, but I am not quite sure how this differs
from the method you are using.
Thanks in advance!
Matthias
I had the same problem and was able to finally get this working
recently by using this code:
FormsAuthentication.SignOut()
' force Expiration of the cookie. this should "clear"
' the client-side data. the source of the issue ???
Context.Response.Cookies.Item( _
FormsAuthentication.FormsCookieName).Expires = Date.Now
Response.Redirect("login.aspx")
If you try to use the .Remove method instead of setting the existing
Item's Expire date, the application will not work out as expected.
This must be because Context.Response.Cookies collection is server-side
and if you Remove the item from the collection, it is never returned
back to the client. If it's not returned back, it will not be removed
(on the client side). This is the role of the Expiration Date.
I am assuming the Expires to Now forces the cookie to be removed on the
client side immediately. Perhaps it is this little bit of data on the
client that is causing the problem. It actually makes sense to me, but
it would be nice if this was more apparent from the documentation.
Matthias S. wrote: Hi,
I can't use the SetAuthCookie, since I have to assign a specific role
to the user. But starting the authenticated session works fine, only
ending it seems problematically.
Matthias
Andy Fish wrote: "Matthias S." <postamt@_remove_emvoid_remove_.de> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Hi there,
I've created an application which is using Forms-based
authentification.My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now the users name
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, sUserName, DateTime.Now, DateTime.Now.AddMinutes(20),false,
nRoleID.ToString(),FormsAuthentication.FormsCook iePath);
// encrypt the ticket
string sEncTicket = FormsAuthentication.Encrypt(ticket);
// set the cookie
Response.Cookies.Add(new
HttpCookie(FormsAuthentication.FormsCookieName,sEncTicket));
It seems to work ok. But if I later use
FormsAuthentication.SignOut() inorder to remove the Ticket, the ticket does not get removed. Why is
this?
Have you tried it with FormsAuthentication.SetAuthCookie() instead.
This is what I use and it seems to work, but I am not quite sure how this
differs from the method you are using.
Thanks in advance!
Matthias
I had the same problem and was able to finally get this working
recently by using this code:
FormsAuthentication.SignOut()
' force Expiration of the cookie. this should "clear"
' the client-side data. the source of the issue ???
Context.Response.Cookies.Item( _
FormsAuthentication.FormsCookieName).Expires = Date.Now
Response.Redirect("login.aspx")
If you try to use the .Remove method instead of setting the existing
Item's Expire date, the application will not work out as expected.
This must be because Context.Response.Cookies collection is server-side
and if you Remove the item from the collection, it is never returned
back to the client. If it's not returned back, it will not be removed
(on the client side). This is the role of the Expiration Date.
I am assuming the Expires to Now forces the cookie to be removed on the
client side immediately. Perhaps it is this little bit of data on the
client that is causing the problem. It actually makes sense to me, but
it would be nice if this was more apparent from the documentation.
Matthias S. wrote: Hi,
I can't use the SetAuthCookie, since I have to assign a specific role
to the user. But starting the authenticated session works fine, only
ending it seems problematically.
Matthias
Andy Fish wrote: "Matthias S." <postamt@_remove_emvoid_remove_.de> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Hi there,
I've created an application which is using Forms-based
authentification.My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now the users name
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, sUserName, DateTime.Now, DateTime.Now.AddMinutes(20),false,
nRoleID.ToString(),FormsAuthentication.FormsCook iePath);
// encrypt the ticket
string sEncTicket = FormsAuthentication.Encrypt(ticket);
// set the cookie
Response.Cookies.Add(new
HttpCookie(FormsAuthentication.FormsCookieName,sEncTicket));
It seems to work ok. But if I later use
FormsAuthentication.SignOut() inorder to remove the Ticket, the ticket does not get removed. Why is
this?
Have you tried it with FormsAuthentication.SetAuthCookie() instead.
This is what I use and it seems to work, but I am not quite sure how this
differs from the method you are using.
Thanks in advance!
Matthias
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Jeff Johnson |
last post by:
I'm using forms authentication to protect a subfolder within my site. I've
got it working fine except for two issues:
(1) When I do a RedirectFromLogin page I have to put a cookie path ("/"...
|
by: George Durzi |
last post by:
When you call FormsAuthentication.SignOut(), is the FormsAuthentication
cookie supposed to be destroyed automatically?
I'm creating my FormsAuthentication cookie by doing:
HttpCookie oCookie =...
|
by: Ed West |
last post by:
Hello
This SignOut code is not working, any ideas? TIA.
public class logout : System.Web.UI.Page {
private void Page_Load(object sender, System.EventArgs e) {
FormsAuthentication.SignOut();...
|
by: Jeff B |
last post by:
I am having a very perplexing problem with setting the user's roles. I have
tried to figure this out for 2 days now.
When the user logs in to the site, I retrieve the roles from the database
and...
|
by: Grant Merwitz |
last post by:
Hi, i am using forms authentication in an ASP.NET project
I am setting the Forms authentication cookie by using:
FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
Now when i...
|
by: Patrick Olurotimi Ige |
last post by:
When i add the following code below to a userControl it doesn't fire.
Any ideas?
Sub SignOut(ByVal objSender As Object, ByVal objArgs As EventArgs)
FormsAuthentication.SignOut()...
|
by: Åženol Akbulak |
last post by:
Hello;
I use in my web application FormsAuthentication. Also I use Session state
(InProc).
When a user logged in, I can read Session parameters. (For example
Session). Problem is that, when...
|
by: Mark Olbert |
last post by:
FormsAuthentication.SignOut() removes the authorization ticket from a user (and the user's roles), but does not change the user's
identity.
I need to be able to either revert the user to the...
|
by: parez |
last post by:
Hi ALl,
I had problem with FormsAuthentication.SignOut(). It wasnt working.
Looked arround and saw a lot of posts and different solutions to the
problem.
And some how (i dont nkow what...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |
