.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

ASP.NET Forms Authentication Issue - IE8

Posted By:      Posted Date: October 14, 2010    Points: 0   Category :ASP.Net


I've recently noticed a problem that prevents users from logging into my website when running IE8 on Vista.  I think it is a security issue that prevents the authentication cookie from working.  There seems to be an issue with either of these two methods:


Authentication works ok in FireFox and Google Chrome running on the same Windows Vista machine with the IE8 problem.  Authentication works ok on a 2003 server computer running IE7.  I'm pretty sure authentication was working previously in IE8 - maybe the issue is related to a recent hotfix?

I managed to get authentication to work in IE8 by adding my website to the "trusted sites" zone.  Also, it worked ok when I disabled "Protected Mode". 

Has anybody else had this problem?  Also, is there a way to get this working without forcing people to make changes to their IE security settings?

 Many Thanks,



View Complete Post

More Related Resource Links

Issue with Forms Authentication


 I'm in the middle of converting an intranet application to use forms authentication. The authentication process works fine for the core application and all the nested classic asp pages. However, my nested asp.net applications do not work. I have mapped their web.configs to the correct login url. If I attempt to access them after logging in, I am automatically redirected to the homepage of the intranet application. If I try to access them directly, I am redirected to the login screen, as I should be, and then the intranet homepage after the login process, instead of the page I need to access.

At first, I thought there might be some remnant of the security processes in the nested applications, but it does it for applications that have no security processes other than the one for the core intranet.

Since this is my first crack at using forms authentication, I'm assuming I've missed some step. Any ideas?

Here is the section of my web.config:

<authentication mode="Forms">

      <forms loginUrl="~/folder/loginpage.aspx" name="Cookie Name"></forms>


      <deny users="?" />
      <allow users="*"/>

Cannot Login with Forms Based Authentication to SharePoint 2010 - Issue with the SecurityTokenServic

Please be advised I have followed the steps on http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/. I have tried to fix the following issue for a week using different farms and SharePoint 2010 installations, however I am getting the following error when trying to authenticate using Forms Based into a Claims site: Cannot get Membership Provider with name FBARoleProvider The membership provider for this process was not properly configured. You must configure the membership provider in the .config file for every SharePoint process. 1. I am certain the membership provider is configured in the SecurityTokenServiceApplication webservice as I can manage users and roles in IIS7 using the SecurityTokenServiceApplication website. 2. I am certain that membership provider is configured in the both the Claims Web Application and Central Admin as I can manage users and roles in IIS7 using their websites. 3. I know the issue is the SecurityTokenServiceApplication service as I had to set <serviceDebug includeExceptionDetailInFaults="true" /> to get the error above. 4. I can log into the Claims Based Application using windows authentication, however I am unable to see the users on the people picker despite that I can see them from the application's site on IIS

Login issue using authentication mode="Forms"

Hi,I am using authentication mode="Forms" with ldap, i manage to login and logour fine but when user 1 is logged and when user2 logs, user1 gets the user2 session. Any idea why this might be happening? Here is some code:     <authentication mode="Forms">            <forms name="login" loginUrl="Login.aspx" />        </authentication>        <authorization>            <allow roles="auditor"/>            <allow roles="approver"/>            <allow roles="user"/>            <deny users="?"/>        </authorization>        <identity impersonate="true"/>protected Boolean ValidateUser(String strUsername, String strPassword)        {            //Return true if the username and password is valid, false if it isn't             &n

Explained: Forms Authentication in ASP.NET

This module explains how forms authentication works in ASP.NET version 2.0. It explains how IIS and ASP.NET authentication work together, and it explains the role and operation of the FormsAuthenticationModule class.

Using Forms Authentication in ASP.NET - Part 1

Classic ASP developers often had to "roll their own" authentication scheme, however, in ASP.NET much of the grunt work has been taken out. This article outlines how things have changed and how FormsAuthentication can be used to secure a Web site with a minimal amount of code.

ASP.NET Forms Authentication - Part 1

Often, in legacy Web applications, users authenticate themselves via a Web form. This Web form submits the user's credentials to business logic that determines their authorization level. Upon successful authentication, the application then submits a ticket in the form of a cookie, albeit a hard cookie or session variable. This ticket contains anything from just a valid session identification access token to customized personalization values.

ASP.NET forms authentication with roles

.A timeout is specified in minutes. This is "time since last request" not the "time since login". If a login is indicated to be persistent (described later) this is ignored.
.A protection method is specified for the cookie.
Next I wanted to specify a folder to which access is restricted to people who have logged in. To do this I entered the following code in the web.config file (beneath

Forms Authentication in ASP.NET

In this tutorial you will learn about Forms Authentication in ASP.NET 2.0 - Forms Authentication class, Cookie Domain, Forms Cookies, The Login Control, Signin, Signout, Authenticate, Redirect, Login Status, Login Name and Login View Controls.

Problems with Forms Authentication in DD 4 site


Hello,  I am seeing a strange problem with Forms Authentication in my DD site.   A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

in web.config I have

     <authentication mode="Forms">
            <forms name=".Star" loginUrl="~/Login.aspx" protection="All" defaultUrl="~/Default.aspx" path="/" timeout="43200" cookieless="UseCookies" />     

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused.   Has anyone else experienced this or have any suggestions?  Thanks!

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

Re-authentication issue when openeing a MS Word Document


We have a SharePoint installation for one of our clients with external access enabled using https via ISA server. When accessing the portal internally within the intranet/domain its fine. In case of external access using https when users login to portal adn when they try to open a MS Word (or any Office) document they are prompted to to enter their username and password again. It happens for every MS Office document. We are using MOSS 2007, Office 2007. I know that the promp for re-authentication is is due to the fact that office try to open a new session but is there any work around to overcome this.

Any help will be highly appreciated.



403 Forbidden - Forms Authentication


Form template has cascading dropdown lists.  When item selected from first list, form code executes a FileQueryConnection to retrieve data from a list to populate 2nd listbox.  Getting 403 forbidden when explicitely attempting to retrieve data from code.  Form is using connections from a data connection library.  The template works perfectly when deployed to a windows authenticated site.  Fails when executed from the forms authenticated site.


Windows authentication login form issue


Hi guys,

I have an application that requires windows authentication to login, the problem is that every time an user logs in under IE and win XP, the username is pre filled with the IP address of the server as instance and the username. I need to replace the server ip with  XXXX instance name instead of doing this manually.

Could anyone pleas help me out with this one?

Thanks in advance,


Automatic expiration of forms authentication when user closes the browser windows without signing ou

Dear all, can u tell me how to automatically sign out a user if he/she closes the browser window without signing out. I'm using Forms Authentication.   Thanks 

windows authentication issue with different domain

Webservice(frame work 2.0 & VB.NET) connecting to SQL Server 2008 in Windows Authentication mode and WS configured on App pool with domain\user id credentials and granted full access to temp folder still getting the following error. System.InvalidOperationException: Unable to generate a temporary class (result=1). error CS2001: Source file 'C:\WINDOWS\TEMP\ixymjcwh.0.cs' could not be found error CS2008: No inputs specified at System.Xml.Serialization.Compiler.Compile(Assembly parent, String ns, XmlSerializerCompilerParameters xmlParameters, Evidence evidence) at System.Xml.Serialization.TempAssembly.GenerateAssembly(XmlMapping[] xmlMappings, Type[] types, String defaultNamespace, Evidence evidence, XmlSerializerCompilerParameters parameters, Assembly assembly, Hashtable assemblies) at System.Xml.Serialization.TempAssembly..ctor(XmlMapping[] xmlMappings, Type[] types, String defaultNamespace, String location, Evidence evidence) at System.Xml.Serialization.XmlSerializer.FromMappings(XmlMapping[] mappings, Evidence evidence) at System.Web.Services.Protocols.XmlReturn.GetInitializers(LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.XmlReturnWriter.GetInitializers(LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.MimeFormatter.GetInitializers(Type type, LogicalMethodInfo[] methodInfos) at System.Web.Services.Protocols.H

Forms Authentication Add SQL Database Variable

I am using Forms Based Authentication I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information. I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount. I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company.For the login page, I am using a basic login page created with using the Visual Studio login controls.When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great. Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with. I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session. I would think it would be something along these lines:Partial Class login Inherits System.Web.UI.Page Protected Sub Logi

Forms authentication and Active Directory? Help!

Hi, im new to sharepoint 2010. im in a situation whereby i would like to allow users that already have Active directory accounts log into sharepoint. The problem arises when i need to allow external users to log into the sharepoint site too and it will not be possible to add them into the active directory. Is there a way to resolve this problem? Appreciate all help given! Thanks! norphos
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend