Pergunta
I am using Forms Authentication in an ASP.NET 3.5 application. When I login, I can see in Chrome that the auth cookie has been set and is being sent back to the ASP.NET Development Server.
However, by the time it reaches this code in Global.asax:
https://stackoverflow.com/questions/22790208
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianvoid Application_AuthenticateRequest(object sender, EventArgs e)
{
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
the auth cookie set by my code is no longer present! Even though Chrome has sent the cookie for that request! Only the ASP.NET session cookie is visible in the Context.Request.
I've tried changing the name of the auth cookie, but that didn't help.
By the way, it is also requesting the browser to do NTLM auth even though I have changed the web.config to specify forms auth.
Solução
The problem was that I was receiving the following error in the event log:
Forms authentication failed for the request. Reason: The ticket supplied was invalid.
but I had not looked at the event log.
Apparently it is a requirement of ASP.NET to set the cookie value to an encrypted ticket, as shown in this code sample. Despite what some of the documentation implies, you cannot just put anything you want in the forms authentication cookie.
