Can Form Authentication work without cookies? - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Can Form Authentication work without cookies?

Message

From

14/03/2006 16:56:53

Keith Payne
Technical Marketing Solutions
Florida, United States

To

14/03/2006 15:09:05

Dmitry Litvak
Massachusetts, United States

General information

Forum:

ASP.NET

Category:

Other

Title:

Re: Can Form Authentication work without cookies?

Miscellaneous

Thread ID:

01104350

Message ID:

01104390

Views:

11

>I am having a problem with my LogIn form redirecting to default page.
>
>I know my IE does not create a cookie for LOCALHOST so I thought maybe if I change the setting to run the page without cookies, it will work. What I did is set the value cookieless to true, as in:
>
>

><sessionState
>   cookieless="true"
>/>
>

>
>But even with the setting above, the call to
>
>

>FormsAuthentication.RedirectFromLoginPage( "user", false);
>

>
>does not redirect to default page.
>
>That's why I am wondering if Cookies MUST be working for Forms Authentication.
>
>Please let me know.

Dmitry,

Yes, you have to use cookies for Forms Authentication. The setting that you changed in the web.config does not affect Forms Authentication in any way. SessionState cookieless="true" tells the session class to use a Url querystring to store the session ID instead of a cookie.

If you are still having trouble identifying the cookie that is created, try placing Response.Write(FormsAuthentication.FormsCookiePath & "\" & FormsAuthentication.FormsCookieName) in the page_load. This will tell you exactly where the cookie is.

Also, you have to set values for the isPersistent and Expiration arguments in the FormsAuthenticationTicket constructor. If you do not, IE will delete the cookie file as soon as the request is sent to IIS. I.e. you will never see the cookie in the Cookie folder.

Click here to load this message in the networking platform