2

I have some code where we create an authentication ticket. After creating the ticket, we call SetAuthCookie to set the cookie such as:

FormsAuthentication.SetAuthCookie(username, true);
Response.Redirect("/", true);

If I check on the root page to see if the user is authenticated, it returns false. However, if I hard code the username in and do:

FormsAuthentication.GetAuthCookie("jason", true).value);

I get the appropriate cookie value. So, the cookie exists. But the name and the flag are not modified. Any ideas as to what my issue could be? I'm using ASP.NET 4 and MVC.

Jason N. Gaylord
  • 7,910
  • 15
  • 56
  • 95
  • Why are you using `Response.Redirect` in an ASP.NET MVC application? Those tasks are usually accomplished by returning the proper ActionResult from the corresponding controller action. Also can you see in Fiddler the persistent cookie being set? And then is this cookie passed over to the `/` endpoint when the browser makes the GET request? – Darin Dimitrov Feb 20 '14 at 16:52
  • Because the user is not always living within this MVC app. We may have to redirect them to another non-MVC application. But, I can see the cookie being set, the values just aren't populated. – Jason N. Gaylord Feb 20 '14 at 18:50

1 Answers1

5

Solved

I was missing the forms section in the web.config. It was removed for local testing as the login form resides on another server. So, adding the following to web.config solved my issue:

<authentication mode="Forms" />
Jason N. Gaylord
  • 7,910
  • 15
  • 56
  • 95