.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

authentication cookie persistance

Posted By:      Posted Date: August 31, 2010    Points: 0   Category :ASP.Net
Hi All, I have set my authentication cookie persistance to true on a aspx website, this works great! Now I have made an affiliate website (HTML + iframe (same aspx)) and it does not keep my user logged in after closing browser. How can I fix this?   Thanks 

View Complete Post

More Related Resource Links

Sharing authentication Cookie between asp.net and sharepoint applications

Hi All, I have a requirement to share the authenication cookie between my asp.net application with sharepoint site. asp.net application and sharepoint appli are in the same domain and using the same custom authentication provider to login. I have used same cookie name and same machine key for two applications. But i could'nt see any progress.... My actual requirement is.... if i open my asp.net application and logged in, then in the next tab i will open sharepoint fba site.... then it shouldn't ask for credentials again, directly it should login with the credentials which i used for asp.net application. Thanks in advance.

Forms authentication cookie persists


I have an MVC(Asp.Net 4) site that uses forms authentication and  I have users complaining that if they close the browser(or tab) the site rembers them and this is not what we want. The site is running on IIS7 and below is my web.config authentication section:

<forms loginUrl="Account/Logon

ASP.NET PageMethods - Forms Authentication Cookie Not Always Sent


Since last week I've had a really odd issue with PageMethods, the forms authentication cookie, and the back button which i've never seen before.

Essentially, I have a 'home page' which on document.ready (using jQuery), loads some data through PageMethods, and then renders a list - from which you can click through to a details page about  the item. In general use, it works fine. However, using the back button after clicking through (ie: going back to the home page), it throws a PageMethods error. The browser's 'authentication required' prompt appears, and if you click cancel, the server returns a 401. The error returned by PageMethods on the client side is 'authentication failed'.

After inspecting the request in Fiddler, the forms authentication cookie isn't sent with the request, which would explain why it is happening. My fiddler entry for the request looks like this:


The weird thing is, this happens as soon as you click the link and click back. It's not like the authentication cookie has expired or anything, and if you click cancel when the prompt appears and refresh the page, it works fine (and the cookie is sent). I just can't work out what is going on.

When it works, my Fiddler entry looks like this

How can I read data from the Forms Authentication Cookie


I am using Forms Authentication to secure a site. I am using the "user defined data area" to store an account number. I am then encrypting the ticket.


string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

How can I read the "user data" in the cookie? Thanks for the help!

ASP.Net membership Authentication and ASPXAUTH cookie size


Apologies if this is the incorrect forum, I did already try to post in the Windows WPF forum but "Bob" said I should post here.. Please let me know if it should have been posted elsewhere. Also, let me know if I need to clarify anthing. Thanks in advance for any suggestions, direction pointing, etc.

Without reading the whole text below, since this is on the ASP.Net side  ... basically I think I need to know if there is a way to reduce the size of the forms authentication cookie. When using a DotNet 2.0 website, the ASPXAUTH cookie is about 232 bytes ... when using the same source code but upgraded to DotNet 4.0. the cookie is approximately 264 bytes, setting the ticketCompatabilityMode does not reduce the size since I think the default setting is Framework20. I length of the cookie, including the its' name can not be larger than 256 bytes in order to use it with the "Client Application Services".

I only did a cursory search of the asp.net forums, but will dilligently look for an existing solution.

Again, thanks in advance for any assistance.
I have been using all three features of  client application services (authentication, profiles, and roles) in my windows app (DotNet 3.5 framework) for almost two years now. Up until now, I have not had any probl

Forms Authentication Cookie not showing up in Request.Cookies Collection


While migrating my ASP.NET 1.1 application to 2.0, I've noticed something very odd that I can't explain:

When a user is authenticated via forms authentication, the forms authentication cookie is visible in the application trace (both in the httpheaders and the request.cookies section).  If I view the request.cookies collection using code in the application, I see the forms authentication cookie in the collection (as well as a "control" cookie I added for comparison).

If I log out of the application, the forms authentication cookie is gone and is not viewable anywhere (as expected).

Here's what's strange: When the login session of an authenticated user expires after 5 minues, the forms authentication cookie is still present.  This is expected as it is a non-persistent cookie and should remain in memory until the browser is closed.  When viewing the trace information, I see the forms authentication cookie in both the http headers and the request.cookies collection.  However, when I view the request.cookies collection from within the application using code, it is NOT there.  (The "control" cookie is, as expected)  I even took the step of reading the cookie in through javascript, and that does in fact work.

I've gone over this for hours using many

Web Services - Returning a Cookie from the web service im calling after authentication



I am trying to call an authentication method on a web service that returns a cookie, however when i call the web service, I just get the SOAP object returned, how do i get the cookie back after I have been authenticated ?

Any help or pointers appriciated

Kindest regards


Explained: Forms Authentication in ASP.NET

This module explains how forms authentication works in ASP.NET version 2.0. It explains how IIS and ASP.NET authentication work together, and it explains the role and operation of the FormsAuthenticationModule class.

Using Forms Authentication in ASP.NET - Part 1

Classic ASP developers often had to "roll their own" authentication scheme, however, in ASP.NET much of the grunt work has been taken out. This article outlines how things have changed and how FormsAuthentication can be used to secure a Web site with a minimal amount of code.

ASP.NET Forms Authentication - Part 1

Often, in legacy Web applications, users authenticate themselves via a Web form. This Web form submits the user's credentials to business logic that determines their authorization level. Upon successful authentication, the application then submits a ticket in the form of a cookie, albeit a hard cookie or session variable. This ticket contains anything from just a valid session identification access token to customized personalization values.

ASP.NET forms authentication with roles

.A timeout is specified in minutes. This is "time since last request" not the "time since login". If a login is indicated to be persistent (described later) this is ignored.
.A protection method is specified for the cookie.
Next I wanted to specify a folder to which access is restricted to people who have logged in. To do this I entered the following code in the web.config file (beneath

Forms Authentication in ASP.NET

In this tutorial you will learn about Forms Authentication in ASP.NET 2.0 - Forms Authentication class, Cookie Domain, Forms Cookies, The Login Control, Signin, Signout, Authenticate, Redirect, Login Status, Login Name and Login View Controls.

Web Matrix + Windows Authentication


I'm curious if its possible to get windows auth working with asp.net webpages/webmatrix.

I've got it published to IIS with windows auth turned on and anonymous/forms/basic turned off.

I'm guessing the WebSecurity Helper probably won't work here but can you access User.Identity.Name etc?

Sorry for the newbie questions, I've only just started working with asp.net ^^,

Problems with Forms Authentication in DD 4 site


Hello,  I am seeing a strange problem with Forms Authentication in my DD site.   A user logs into and can view/edit/delete data all day, but when they execute a Custom Filter against data (for example , a control DynamicData/Filters/CustomerLastNameSearch.ascx ) then the site auth fails, and redirects to the log in screen.

in web.config I have

     <authentication mode="Forms">
            <forms name=".Star" loginUrl="~/Login.aspx" protection="All" defaultUrl="~/Default.aspx" path="/" timeout="43200" cookieless="UseCookies" />     

Offhand, I am thinking two things : that DynamicData/Filters path requires some special handling for some reason, or the control extension ascx is causing auth to get confused.   Has anyone else experienced this or have any suggestions?  Thanks!

Sharing authentication ticket between two applications


Hi all,

I have two web applications:

1. http://www.mysite.com - primary app running at the root of the web server

2. http://www.mysite.com/second_app - running in a virtual directory

At user authentication, I'm using FormsAuthenticationTicket to set up authentication cookies. Is it possible to share the same cookie for both the apps?

Any help would be much appreciated.

Many thanks!

Windows Authentication for IIS in Windows 7 Home Premium Edition - for ASP Websites.


How to create a virtual directory and get benefit of the IIS. Is there a workaround to accomplish this without the Windows Authentication for Windows 7 Home Premium Edition?

Thanks in advance, 

How to authenticate local user usin ldap or non domain authentication



I created one application, and I need to authenticate local user. This user is the user who is login to his/her Personal Computer.. Main thing his that he/she does not in any DOMAIN... I want NON-DOMAIN authentication.. any how.... please help...

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend