Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Forms Authentication multiple websites
- Thread starter angst11
- Start date
Is the other site part of the same application? I'm missing something
1. User logs in.
2. User is redirected to another site (seperate from login)
3. User returns to site and is required to login again
4. User isn't redirected to another site again?
Not sure what you meant by "After that it works fine". If you're totally redirecting to another page, and the session dies...and you aren't writing a cookie to the client and checking it upon return to the login screen, then it makes sense that they're supposed to re-login.
Let me know if I'm missing something and what you'd rather have it do.
D'Arcy
1. User logs in.
2. User is redirected to another site (seperate from login)
3. User returns to site and is required to login again
4. User isn't redirected to another site again?
Not sure what you meant by "After that it works fine". If you're totally redirecting to another page, and the session dies...and you aren't writing a cookie to the client and checking it upon return to the login screen, then it makes sense that they're supposed to re-login.
Let me know if I'm missing something and what you'd rather have it do.
D'Arcy
I am assuming that your users are shown another login page right after they log on. Hence, they have to login twice?
If that's the case, I had a similar problem earlier. It turns out that, for my case, the problem comes from using Server.Transfer() with storing Session state. So my initial code looks something like this:
This caused the page to be displayed twice to the users somehow. The second one does nothing because the user validation has been done the first time.
The problem apparently comes from the volatility of the Session state data. When I did Server.Transfer(), I was essentially interrupting the Session state processing somehow. So the solution for my case is to either use FormsAuthentication.RedirectFromLoginPage(), or Response.Redirect() with the second parameter set to false. FormsAuthentication.RedirectFromLoginPage() requires you to use "default.aspx" (I can't figure out how to use it with other page name), or if you decide to use another name for your page, use Response.Redirect().
The final code looks something like this.
Hope it helps.
Henry
If that's the case, I had a similar problem earlier. It turns out that, for my case, the problem comes from using Server.Transfer() with storing Session state. So my initial code looks something like this:
Code:
Session["somevalue"]="value";
FormsAuthentication.SethAuthCookie("username",false);
Server.Transfer("somepage.aspx");This caused the page to be displayed twice to the users somehow. The second one does nothing because the user validation has been done the first time.
The problem apparently comes from the volatility of the Session state data. When I did Server.Transfer(), I was essentially interrupting the Session state processing somehow. So the solution for my case is to either use FormsAuthentication.RedirectFromLoginPage(), or Response.Redirect() with the second parameter set to false. FormsAuthentication.RedirectFromLoginPage() requires you to use "default.aspx" (I can't figure out how to use it with other page name), or if you decide to use another name for your page, use Response.Redirect().
The final code looks something like this.
Code:
Session["somevalue"]="value";
FormsAuthentication.SetAuthCookie("username",false);
Response.Redirect("somepage.aspx",false);Hope it helps.
Henry
The link coming back to the logged in site needs to be the same domain and not an ip address or some other redundant domain.
If you login with
Then when you come back to the site, using the same browser,
the domain should be the same. If you came back with an IP like 208.123.123.1 instead of then you have to log back in again.
Keeping it Simple
If you login with
Then when you come back to the site, using the same browser,
the domain should be the same. If you came back with an IP like 208.123.123.1 instead of then you have to log back in again.
Keeping it Simple
If the session hadn't timed out then that wouldn't be the case...
--------------------------------------------------------------------------------------------------------------------------------------------
Need help finding an answer?
Try the search facility ( or read FAQ222-2244 on how to get better results.
--------------------------------------------------------------------------------------------------------------------------------------------
Need help finding an answer?
Try the search facility ( or read FAQ222-2244 on how to get better results.
- Status
Similar threads
- Locked
- Question