We have big time on this issue. Any help appreciated.
Issue: The Clients login to our Site with username/password/storeId and get authenticated & will be able to order "something" using Order.aspx page. Intermittently, they get directed to login page while in order.aspx (and authenticated, working for some time).
Environment:
Web farm - 3 Web servers, load balanced (using Big-IP software -> http://ww.F5.com)
Session: InProc [Big-IP uses sticky sessions to route the requests to the same server that was first contacted]. We are pretty sure this works, as we do not have issues with other applications on the same servers/load balancer.
So far, we have tried :
1. Tried all cases in http://support.microsoft.com/?id=910439
Nothing seems to be the problem.
2. Authentication Expiry:
Set to 60 minutes, Sliding expiration=true (by default). Session expires in 26 hours. (just in case!)
3. Cookies: Client does not clear cookies, allows cookies (both Client/3rd Party)
Size: does not matter, as we don't store anything in those cookies.
4. Called MSFT support:
- tried ViewState logger
- tried FormsAuthentication logger
Found that the cookie is lost, so it redirects to login.aspx
5. We are trying to capture a netmon Network Log to help MSFT to see if it is our Network causing the packets to be lost.
(I think it does not, as it works for 90% stores, only 10% get kicked out.) This happens even before the Forms Auth Timeout or Session Time out.
(FYI: All three servers have same Key on Machine.config (for encryption). And EnableViewStateMAC is set to false at the application level, so it does not look for decrypting Viewstate. This was done to avoid an error - viewstate corruption that was our initial trouble. We have rectified it, but not this issue.)
Not sure why it would lose the cookie. We do not have any ISAPI filters, no hardware that removes cookies. Stopped the antivirus on the servers (suggested by MSFT - duh!). What else...
We use pass-through using POST, i.e. they hit a link, the link POSTs username/secureKey/timestamp & we validate them on our side & do not ask for the password again. - It does not matter, as it is handled in the ValidUser method. After that it is standard for both logins.
Our code?
Login:
    If ValidUser() Then
        FormsAuthentication.RedirectFromLoginPage(username, False)
    Else
        CheckforTyposAgain()
    End If
Order.aspx:
    if not authenticated, Redirect to Login.aspx
Thanks a ton!
-Jay
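
A diagnostic for the "cookie is lost" finding above, as an added example that is not part of the original post or of Microsoft's loggers: it records, per web server, whether a request arrived with no forms-auth cookie, with one that fails to decrypt, or with an expired ticket. The class name, the "Login.aspx" path check and the use of System.Diagnostics.Trace (a listener is assumed to be configured) are assumptions.

```vb
' Added diagnostic example, not the poster's code. Assumed to live in Global.asax.vb.
Imports System
Imports System.Web
Imports System.Web.Security

Public Class Global_asax   ' class name is an assumption
    Inherits HttpApplication

    ' Runs on every request; classifies why a request carries no usable forms-auth ticket.
    Protected Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
        Dim req As HttpRequest = Context.Request

        ' The login page itself is expected to be anonymous, so skip it.
        If req.Path.EndsWith("Login.aspx", StringComparison.OrdinalIgnoreCase) Then Return

        Dim cookie As HttpCookie = req.Cookies(FormsAuthentication.FormsCookieName)
        Dim state As String

        If cookie Is Nothing OrElse String.IsNullOrEmpty(cookie.Value) Then
            state = "NO_COOKIE"   ' the browser or an intermediary never sent it
        Else
            Try
                Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(cookie.Value)
                If ticket Is Nothing Then
                    state = "DECRYPT_NULL"
                ElseIf ticket.Expired Then
                    state = "EXPIRED issued=" & ticket.IssueDate.ToString("o") & _
                            " expires=" & ticket.Expiration.ToString("o")
                Else
                    Return   ' valid ticket, nothing to report
                End If
            Catch ex As Exception
                ' Typically a key mismatch between farm members or a truncated value.
                state = "DECRYPT_FAILED " & ex.GetType().Name
            End Try
        End If

        ' Log context only; never write the cookie value itself to a log.
        System.Diagnostics.Trace.WriteLine(String.Format( _
            "{0:o} server={1} client={2} host={3} path={4} https={5} auth={6}", _
            DateTime.UtcNow, Environment.MachineName, req.UserHostAddress, _
            req.Url.Host, req.Url.AbsolutePath, req.IsSecureConnection, state))
    End Sub
End Class
```

Comparing the `server`, `host` and `auth` fields across the three farm members for the affected stores separates a cookie that was never sent from one that a particular server could not read.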