Menu
I'm building a .net web app and using Forms authentication with cookies to remember if the user is signed in or not:
<authentication mode="Forms">
<forms timeout="4320" cookieless="UseCookies" loginUrl="~/account.aspx" name="test" slidingExpiration="true" />
</authentication>
But after building, changing the web.config or doing an IIS reset, the first page I load shows I am not signed in. But if I refresh the page again it then shows I'm signed in, even if I didn't do anything.
So it seems it remembers I was signed in, but only after the first page load.
Is that usual? Do I have something misconfigured in the web.config? Is this a localhost issue only?
494
Windows authentication supports two authentication protocols, Kerberos and NTLM, which are defined in the <providers> element. When you install and enable Windows authentication on IIS 7, the default protocol is Kerberos.
Authentication: The client generates and hashes a response and sends it to the IIS server. The server receives the challenge-hashed response and compares it to what it knows to be the appropriate response. If the received response matches the expected response, the user is successfully authenticated to the server.
If by this you mean running your project from Visual Studio (IISExpress - not IIS), then you can try to do the following: In Visual Studio -> Click on the root of your project -> Press F4 in order to open the properties pane -> Look for "Windows Authentication" and mark is as "Enabled" -> Run your project.
Ok, this was my own bonehead fault of course. Turns out in my web.config I had the setting:
<appSettings configSource="appSettings.config" />
The problem is that appSettings.config didn't exist in my project. After I removed this line (it was from boilerplate code and didn't need it), it worked find.
So apparently on the first load .net was angry about this file not existing as it was trying to load up the config for the first time, but after the first load it didn't care anymore (that's about as technical as I can get).
171
The problem is the session being reset. Although you are having the cookies, you need to do one more thing.
On your validate user section, make sure the remember me setting is checked, ie
FormsAuthentication.RedirectFromLoginPage ("TheirUserId", Persist.Checked)
its the Persist.Checked that you need to ensure is true. Refer to http://msdn.microsoft.com/en-us/library/xdt4thhy.aspx for further information
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
