The creation time = the expiration time when you create a peristent cookie.
Creation time = expiration time + timeout when you create a
non-peristent cookie.
The expiration time is not your problem. I bet you will find the
IsPeristent property on the FAT is true.
HttpCookie c = Request.Cookies["cstuffauth1234"];
FormsAuthenticationTicket fat = FormsAuthentication.Decrypt(c.Value);
So, back to your original question:
>> basically when the user is re-directed to the new page their
authentication info is not
>>recognised as if the cookie is not recognised.
What do you mean by this? According to your code, if the user gets to
the redirected page, they have been authenicated. What authentication
info is not recognized? Are you sure you looking at the correct
cookie? You might want to change the cookie name, to force a new log
in, and not rely on possibly cached credentials.
BTW, to be a little more secure, it is a better practice not to
indicate the cause of the login error.
On 11/17/05, Dean Fiala <[EMAIL PROTECTED]> wrote:
> What is your path setting for the cookie?
>
> What is the timeout setting for the form?
>
>
> On 11/17/05, Julian Voelcker <[EMAIL PROTECTED]> wrote:
> > Hi Dean,
> >
> > > Are your web.config files identical?
> >
> > Yes, the sites were exact replications of each other.
> >
> > > What does your
> > > authentication/forms element look like?
> >
> > I am using a custom security principle, but that and the login code hasn't
> > changed. I'm using:
> >
> > TLSecurityManager smSecurity = new TLSecurityManager();
> > string sAuthenticated = smSecurity.Authenticate(txtUserID.Text,
> > txtPassword.Text);
> > if(sAuthenticated != "Password" && sAuthenticated != "Fail") {
> > FormsAuthentication.SetAuthCookie(sAuthenticated, ckSave.Checked);
> > this.Page.Response.Redirect("/tlhome.aspx",false);
> > } else {
> > if(sAuthenticated == "Password") {
> > litLoginMessage.Text = "<p class='err'>Invalid Password, Please try
> > again.</p>";
> > } else {
> > litLoginMessage.Text = "<p class='err'>User ID not found, Please
> > try again.</p>";
> > }
> > }
> >
> >
> > The security cookie is issued, but with the expiration date and time set to
> > be the same as the date and time it was issues so it gets ignored.
> >
> > I can't see any reason why this is happening.
> >
> > Does anyone have any ideas?
> > --
> > Cheers,
> >
> > Julian Voelcker
> > The Virtual World (UK) Limited
> > Cirencester, United Kingdom
> >
> >
> >
> >
> >
> >
> > Yahoo! Groups Links
> >
> >
> >
> >
> >
> >
> >
> >
>
>
> --
> Dean Fiala
> Very Practical Software, Inc
> http://www.vpsw.com
>
--
Dean Fiala
Very Practical Software, Inc
http://www.vpsw.com
------------------------ Yahoo! Groups Sponsor --------------------~-->
1.2 million kids a year are victims of human trafficking. Stop slavery.
http://us.click.yahoo.com/WpTY2A/izNLAA/yQLSAA/saFolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/AspNetAnyQuestionIsOk/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
