Re-authenticate prior to server.transfer

  • Thread starter Thread starter Alfred Salton
  • Start date Start date
A

Alfred Salton

I am posting a form with data which has timed-out and forced a login. I
assumed that the following code would re-authenticate the session
(assuming the supplied userName and password are correct) but it does
not. Can anyone suggest the solution?

if FormsAuthentication.Authenticate(tbUserName.Text, tbPassword.Text) then
FormsAuthentication.SetAuthCookie(tbUsername.Text, false)
Server.Transfer("destinationPage.aspx", true)

'This works, but doesn't transfer the form data.
'FormsAuthentication.RedirectFromLoginPage(tbUsername.Text, false)
else
lblMessage.Text = "<font color=red>Sorry, " & _
"invalid username or password!</FONT><P>"
end if
 
To persist a cookie, you must allow a response to get back to the client,
which is what the RedirectFromLoginPage does. The Server.Transfer transfers
page execution at the server level, not the client level, so your auth
cookie never gets to the client for your required authentication.

You'll need to find a way to persist your form values using a
response.redirect, not a server.transfer, using this method. Perhaps save
this data in the session, DB or other means.
 
To persist a cookie, you must allow a response to get back to the client,
which is what the RedirectFromLoginPage does. The Server.Transfer transfers
page execution at the server level, not the client level, so your auth
cookie never gets to the client for your required authentication.

You'll need to find a way to persist your form values using a
response.redirect, not a server.transfer, using this method. Perhaps save
this data in the session, DB or other means.
Click to expand...

So I'd like to re-establish the authentication on the server - surely
this is possible. The server already knows the ultimate destination
URL, the form data and the user credentials.
 
Back
Top