locked
FormsAuthentication.SetAuthCookie(sUserName, true); Executes, but Request.IsAuthenticated is False. Why does this happen? RRS feed

  • Question

  • User107954528 posted

    I am using the FormsAuthentication.SetAuthCookie method to create an authentication ticket for a user name. See the line of code below:  

    FormsAuthentication.SetAuthCookie(UserName.Text, true);

    This line of code executes with no error.  A few lines of code later the user is response redirected to a web page where Request.IsAuthenticated is checked. Request.IsAuthenticated turns out to be false. I do not know why.  I want it to be true.  Am I not setting the authentication cookie correctly?  What am I missing?  

    According to Microsoft's documentation (see URL below), FormsAuthentication.SetAuthCookie creates an authentication ticket for the supplied user name and adds it to the cookies collection of the response, or to the URL if you are using cookieless authentication.  

    https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.setauthcookie?view=netframework-4.5.2

    Tuesday, October 22, 2019 1:58 PM

Answers

  • User107954528 posted

    Hi mgebhard, 

    Thank you for replying.  Unfortunately, I didn't get a chance to try FormsAuthentication.RedirectFromLoginPage.  

    My website (based on ASP.NET Web Forms) is using the Identity namespace.  I discovered that the IdentityHelper.SignIn method successfully does whatever needed to be done behind the scenes so that Request.IsAuthenticated is true after redirecting from Account\Login.aspx to Default.aspx.  

    My issue is solved, although I cannot understand why FormsAuthentication.SetAuthCookie does not work.  

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, October 23, 2019 5:09 AM

All replies

  • User475983607 posted

    Did you enable Forms Authentication and disable Anonymous Authentication?

    https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication?view=netframework-4.8

    Tuesday, October 22, 2019 3:56 PM
  • User107954528 posted

    Forms Authentication is enabled in the web.config file.  The code below is in the <system.web> node.  

    <authentication mode="Forms">
              <forms loginUrl="~/Account/Login.aspx" timeout="2880" />
    </authentication>

    Tuesday, October 22, 2019 4:12 PM
  • User475983607 posted

    Try RedirectFromLoginPage rather than SetAuthCookie.

    FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, chkPersistCookie.Checked);

    https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthentication.redirectfromloginpage?view=netframework-4.8

    Tuesday, October 22, 2019 4:23 PM
  • User107954528 posted

    Hi mgebhard, 

    Thank you for replying.  Unfortunately, I didn't get a chance to try FormsAuthentication.RedirectFromLoginPage.  

    My website (based on ASP.NET Web Forms) is using the Identity namespace.  I discovered that the IdentityHelper.SignIn method successfully does whatever needed to be done behind the scenes so that Request.IsAuthenticated is true after redirecting from Account\Login.aspx to Default.aspx.  

    My issue is solved, although I cannot understand why FormsAuthentication.SetAuthCookie does not work.  

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, October 23, 2019 5:09 AM
  • User475983607 posted

    My issue is solved, although I cannot understand why FormsAuthentication.SetAuthCookie does not work. 

    I believe Identity is looking for a different cookie name than when building your own with SetAuthCookie.  In future posts always explain the ASP.NET feature/API you are using.

    Wednesday, October 23, 2019 10:57 AM