0

I've been implementing the Forms Authentication in ASP.NET with C# (v3.5).

I created a simple login form, when the users' email & passwords are stored in my SQL db.

When I login in my localhost, everything works just fine, but when I published the project and uploaded it on to my production web server, things got a little bit wierd for me.

The HttpContentxt.Current.User.Identity.IsAuthenticated variable return false, even if the login was successfull (and again, in localhost everything works fine).

This is the following login button click code (I'm using my own DataAccess, ignore it's irrelevant code):

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        Page.Validate("Login");
        if (Page.IsValid)
        {
            string email = txtEmail.Text;
            string passwd = FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "MD5");
            WebFactory.DataAccess.Users.Data userData = new WebFactory.DataAccess.Users.Data(ConnectionString);
            userData.Load(new WebFactory.DataAccess.Users.Item[] {
                new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Email, email),
                new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Password, passwd)
            });
            if (userData.HasData) // Login Success
            {
                if (!cbRememberMe.Checked)
                {
                    FormsAuthentication.SetAuthCookie(userData.Id.ToString(), false);
                }
                else
                {
                    FormsAuthentication.Initialize();
                    DateTime expires = DateTime.Now.AddDays(20);
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                        userData.Id.ToString(),
                        DateTime.Now,
                        expires,
                        true,
                        String.Empty,
                        FormsAuthentication.FormsCookiePath);

                    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
                    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                    authCookie.Expires = expires;
                    Response.Cookies.Add(authCookie);
                }
                lblStatus.Text = "";
                if (Common.QS.HasRefUrl)
                {
                    Response.Redirect(Common.QS.RefUrl);
                }
                else
                {
                    Common.UserTools.RedirectLoggedInUser(userData.Id);
                }
            }
            else // Login failed
            {
                lblStatus.Text = "Email or password is wrong. please try again."
            }
        }
    }

Thanks for all helpers, and sorry for the english mistakes.

Improve this question

2 Answers 2

Reset to default
5

Thanks all, I solved the problem.

I just needed to enter a name attribute in the <forms> clause and everything works perfectly now.

Thanks again!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

hi, sorry to bring a dead thread alive, but what do you mean add a name attribute in the <forms> clause? im using mvc 3.0, and i would be able to log in but after a minute of clicking it would redirect me to the login page again. but in my localhost it works perfectly..any help is appreciated. thanks!
2

Try checking the Forms Authentication Configuration in your web.config. Specifically the domain and path variables. The domain should match the domain of your website and the path should match the application folder name. You probably won't have one of these, so just set it to "/"

You can also set up tracing to make sure that the cookie is actually being read by the application.

Improve this answer

2 Comments

Hi Jason and thanks for the answer. I set up the 'domain' and 'path' attributes in the <forms> clause, but still no change. IsAuthenticated still remains false after login.
Hi Gal V. Is the IsAuthenticated property true when cbRememberMe is checked?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.