.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Where are cookies stored for Forms Authentication when debugging asp.net from VS and the asp.net dev

Posted By:      Posted Date: September 02, 2010    Points: 0   Category :ASP.Net
Hey all!   When I have my app-deployed on a server and login with forms authentication I see my cookie get's created in   C:\Users\<user>\AppData\Roaming\Microsoft\Windows\CookiesAnd it works great and everything!But when I run my application locally with the asp.net development server while debugging from Visual Studio, I NEVER see a cookie file get created in that location.   I'm using the same PC and the same version of internet explorer 8 on the production as I am development so I'm not sure what's going on here.   Does anyone know where cookies get stored when hitting http://localhost:<devport> ?

View Complete Post

More Related Resource Links

SQL Reporting Service, Cookies and Forms Authentication

Hi, I currently have a instance of SQL Reporting Services that uses custom Forms authentication. When I access the Report Manager through Internet Explorer the Report Manager redirects to my login page, I login and it heads back to the Report Manager and everything works as expected. The problem I'm having is when I use the web service it fails when I call ListItems( ... ). I first create an instance of the service, I then call LogonUser with a username and password, which executes fine, then I call the ListItems which throws an exception similar to: The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: '<html>  <head>   <title>    SQL Server Reporting Services   </title><meta name="Generator" content="Microsoft SQL Server Reporting Services 10.50.1600.1" /> <meta name="HTTP Status" content="500" /> <meta name="ProductLocaleID" content="127" /> <meta name="CountryLocaleID" content="1033" /> <meta name="StackTrace" content="   at Microsoft.ReportingServices.

Forms Authentication Cookie not showing up in Request.Cookies Collection


While migrating my ASP.NET 1.1 application to 2.0, I've noticed something very odd that I can't explain:

When a user is authenticated via forms authentication, the forms authentication cookie is visible in the application trace (both in the httpheaders and the request.cookies section).  If I view the request.cookies collection using code in the application, I see the forms authentication cookie in the collection (as well as a "control" cookie I added for comparison).

If I log out of the application, the forms authentication cookie is gone and is not viewable anywhere (as expected).

Here's what's strange: When the login session of an authenticated user expires after 5 minues, the forms authentication cookie is still present.  This is expected as it is a non-persistent cookie and should remain in memory until the browser is closed.  When viewing the trace information, I see the forms authentication cookie in both the http headers and the request.cookies collection.  However, when I view the request.cookies collection from within the application using code, it is NOT there.  (The "control" cookie is, as expected)  I even took the step of reading the cookie in through javascript, and that does in fact work.

I've gone over this for hours using many

Explained: Forms Authentication in ASP.NET

This module explains how forms authentication works in ASP.NET version 2.0. It explains how IIS and ASP.NET authentication work together, and it explains the role and operation of the FormsAuthenticationModule class.

Using Forms Authentication in ASP.NET - Part 1

Classic ASP developers often had to "roll their own" authentication scheme, however, in ASP.NET much of the grunt work has been taken out. This article outlines how things have changed and how FormsAuthentication can be used to secure a Web site with a minimal amount of code.

ASP.NET Forms Authentication - Part 1

Often, in legacy Web applications, users authenticate themselves via a Web form. This Web form submits the user's credentials to business logic that determines their authorization level. Upon successful authentication, the application then submits a ticket in the form of a cookie, albeit a hard cookie or session variable. This ticket contains anything from just a valid session identification access token to customized personalization values.

ASP.NET forms authentication with roles

.A timeout is specified in minutes. This is "time since last request" not the "time since login". If a login is indicated to be persistent (described later) this is ignored.
.A protection method is specified for the cookie.
Next I wanted to specify a folder to which access is restricted to people who have logged in. To do this I entered the following code in the web.config file (beneath

Forms Authentication in ASP.NET

In this tutorial you will learn about Forms Authentication in ASP.NET 2.0 - Forms Authentication class, Cookie Domain, Forms Cookies, The Login Control, Signin, Signout, Authenticate, Redirect, Login Status, Login Name and Login View Controls.

Problems with Forms Authentication in DD 4 site


Hello,  I am seeing a strange problem with Forms Authentication in my DD site.   A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

in web.config I have

     <authentication mode="Forms">
            <forms name=".Star" loginUrl="~/Login.aspx" protection="All" defaultUrl="~/Default.aspx" path="/" timeout="43200" cookieless="UseCookies" />     

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused.   Has anyone else experienced this or have any suggestions?  Thanks!

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

403 Forbidden - Forms Authentication


Form template has cascading dropdown lists.  When item selected from first list, form code executes a FileQueryConnection to retrieve data from a list to populate 2nd listbox.  Getting 403 forbidden when explicitely attempting to retrieve data from code.  Form is using connections from a data connection library.  The template works perfectly when deployed to a windows authenticated site.  Fails when executed from the forms authenticated site.


Issue with Forms Authentication


 I'm in the middle of converting an intranet application to use forms authentication. The authentication process works fine for the core application and all the nested classic asp pages. However, my nested asp.net applications do not work. I have mapped their web.configs to the correct login url. If I attempt to access them after logging in, I am automatically redirected to the homepage of the intranet application. If I try to access them directly, I am redirected to the login screen, as I should be, and then the intranet homepage after the login process, instead of the page I need to access.

At first, I thought there might be some remnant of the security processes in the nested applications, but it does it for applications that have no security processes other than the one for the core intranet.

Since this is my first crack at using forms authentication, I'm assuming I've missed some step. Any ideas?

Here is the section of my web.config:

<authentication mode="Forms">

      <forms loginUrl="~/folder/loginpage.aspx" name="Cookie Name"></forms>


      <deny users="?" />
      <allow users="*"/>

Automatic expiration of forms authentication when user closes the browser windows without signing ou

Dear all, can u tell me how to automatically sign out a user if he/she closes the browser window without signing out. I'm using Forms Authentication.   Thanks 

Forms Authentication Add SQL Database Variable

I am using Forms Based Authentication I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information. I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount. I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company.For the login page, I am using a basic login page created with using the Visual Studio login controls.When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great. Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with. I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session. I would think it would be something along these lines:Partial Class login Inherits System.Web.UI.Page Protected Sub Logi

Get an exception while debugging a Stored Procedure

Hi all,      I am using SQL Server 2008 Standard x64 edition on windows 7 desktop. When I try to debug my stored procedure I receive following message. Unable to Start T-SQL Debugging. Could not Attack to SQL SERVER process on 'ADMIN-PC'.Click Help for more Information   And same operation is perfomed sucessfully with same SQL Server user sa with admin windows user. When I receive this message I am using a Standard type windows account. But when I change the account type to Administrator , still this operation dont work. Can any one tell me what's wrong? Nilkanth Desai  

Forms authentication and Active Directory? Help!

Hi, im new to sharepoint 2010. im in a situation whereby i would like to allow users that already have Active directory accounts log into sharepoint. The problem arises when i need to allow external users to log into the sharepoint site too and it will not be possible to add them into the active directory. Is there a way to resolve this problem? Appreciate all help given! Thanks! norphos

Active Directory user impersonation with forms authentication

I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:<identity impersonate="true" /> but that doesn't seem to work. I also have the C# code using the WindowsImpersonationContext class, but still no luck. protected void titleTextBox_TextChanged(object sender, EventArgs e) { TextBox tb = (TextBox)sender; string fieldTitle = "job title"; string fieldName = "title"; if (userDirectoryEntry == null) CaptureUserIdentity(); try { WindowsImpersonationContext impersonationContext = userWindowsIdentity.Impersonate(); if (String.IsNullOrEmpty(tb.Text)) userDirectoryEntry.Properties[fieldName].Clear();

Supporting forms authentication SharePoint sites

Hello, I am changing the type of authentication in SharePoint to Form authentication.I create a document Library and I choose as a Document Model (Microsoft Office Word 2007). The problem is : "I can't create a new Item Document Word". It disappear.   I am using this article (http://blogs.msdn.com/b/sharepoint/archive/2009/05/13/update-on-sharepoint-forms-based-authentication-fba-and-office-client.aspx ) to solve my problem. The problem is I don't find the registry key HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet\FormsBasedAuthSettings
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend