By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,480 Members | 1,164 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,480 IT Pros & Developers. It's quick & easy.

How authenticate user manually?

P: n/a
I have a subdir called "customer" that only allows authenticated users
(using web.config.)

In my login.aspx I allow them to pass username/password in query string.
Then I go to a default page.

Am I doing this right? It doesn't seem to authenticate in IE6, only IE7 and
Firefox.

If Membership.ValidateUser(request.querystring("User" ),
request.querystring("Pwd")) Then
FormsAuthentication.SetAuthCookie(request.querystr ing("User"), True)
Response.Redirect("customer/MySecuredPage.aspx")
End If

If I run the same code in IE6, passing it a valid username & password, I get
auto redirected back to the login page, as if it's not authenticated. Any
idea what's wrong????
Jun 30 '08 #1
Share this Question
Share on Google+
6 Replies


P: n/a
"Cirene" <ci****@nowhere.comwrote in message
news:OA****************@TK2MSFTNGP03.phx.gbl...
In my login.aspx I allow them to pass username/password in query string.
Firstly, please say you don't actually pass the username AND password in a
query string...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #2

P: n/a
This is a company "internal" webapplication that is tied into a phone
answering system. The phone answering system auto logs in the operator.
It's NEVER seen to the users. It's necessary for this application.

"Mark Rae [MVP]" <ma**@markNOSPAMrae.netwrote in message
news:uI**************@TK2MSFTNGP04.phx.gbl...
"Cirene" <ci****@nowhere.comwrote in message
news:OA****************@TK2MSFTNGP03.phx.gbl...
>In my login.aspx I allow them to pass username/password in query string.

Firstly, please say you don't actually pass the username AND password in a
query string...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #3

P: n/a
"Cirene" <ci****@nowhere.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
>>In my login.aspx I allow them to pass username/password in query string.

Firstly, please say you don't actually pass the username AND password in
a query string...

This is a company "internal" webapplication that is tied into a phone
answering system. The phone answering system auto logs in the operator.
It's NEVER seen to the users. It's necessary for this application.
Hmm - OK...

Could it be a cookie issue...? Could it be that IE6 has been configured not
to accept cookies, even Session cookies...?
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #4

P: n/a
Thanks. I believe this fixed the issue...

I added forms timeout to web.config section...

<authentication mode="Forms">

<forms timeout="180"/>

</authentication>
Does this make sense as to why this would work?

"Mark Rae [MVP]" <ma**@markNOSPAMrae.netwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
"Cirene" <ci****@nowhere.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
>>>In my login.aspx I allow them to pass username/password in query
string.

Firstly, please say you don't actually pass the username AND password in
a query string...

This is a company "internal" webapplication that is tied into a phone
answering system. The phone answering system auto logs in the operator.
It's NEVER seen to the users. It's necessary for this application.

Hmm - OK...

Could it be a cookie issue...? Could it be that IE6 has been configured
not to accept cookies, even Session cookies...?
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #5

P: n/a
"Cirene" <ci****@nowhere.comwrote in message
news:uk**************@TK2MSFTNGP05.phx.gbl...
>>>>In my login.aspx I allow them to pass username/password in query
string.

Firstly, please say you don't actually pass the username AND password
in a query string...

This is a company "internal" webapplication that is tied into a phone
answering system. The phone answering system auto logs in the operator.
It's NEVER seen to the users. It's necessary for this application.

Hmm - OK...

Could it be a cookie issue...? Could it be that IE6 has been configured
not to accept cookies, even Session cookies...?

Thanks. I believe this fixed the issue...

I added forms timeout to web.config section...

<authentication mode="Forms">

<forms timeout="180"/>

</authentication>

Does this make sense as to why this would work?
Yes, but not why it wouldn't work with certain browsers - curious...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #6

P: n/a
Hmmmm Oh well - thanks for your proactive and informative responses, as
usual!

"Mark Rae [MVP]" <ma**@markNOSPAMrae.netwrote in message
news:%2******************@TK2MSFTNGP04.phx.gbl...
"Cirene" <ci****@nowhere.comwrote in message
news:uk**************@TK2MSFTNGP05.phx.gbl...
>>>>>In my login.aspx I allow them to pass username/password in query
>string.
>
Firstly, please say you don't actually pass the username AND password
in a query string...

This is a company "internal" webapplication that is tied into a phone
answering system. The phone answering system auto logs in the
operator. It's NEVER seen to the users. It's necessary for this
application.

Hmm - OK...

Could it be a cookie issue...? Could it be that IE6 has been configured
not to accept cookies, even Session cookies...?

Thanks. I believe this fixed the issue...

I added forms timeout to web.config section...

<authentication mode="Forms">

<forms timeout="180"/>

</authentication>

Does this make sense as to why this would work?

Yes, but not why it wouldn't work with certain browsers - curious...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net

Jun 30 '08 #7

This discussion thread is closed

Replies have been disabled for this discussion.