All geek questions in one place

Unable to set FormsAuthenicationTicket.UserData in cookieless mode

I am trying to complete the section "Writing Information in UserData" in this article , but it does not work properly when a cookie is part of a URI.

My code is:

// Create the cookie that contains the forms authentication ticket
HttpCookie authCookie = FormsAuthentication.GetAuthCookie( userName, createPersistantCookie );

// Get the FormsAuthenticationTicket out of the encrypted cookie
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt( authCookie.Value );

// Create a new FormsAuthenticationTicket that includes our custom User Data
FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket( ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, "foo");

// Update the authCookie Value to use the encrypted version of newTicket
authCookie.Value = FormsAuthentication.Encrypt( newTicket );

// Manually add the authCookie to the Cookies collection
HttpContext.Current.Response.Cookies.Add( authCookie );

// Determine redirect URL and send user there
string redirUrl = FormsAuthentication.GetRedirectUrl( userName, createPersistantCookie );

HttpContext.Current.Response.Redirect( redirUrl, false );

When cookieless is used, the page redirects but does not receive the correct URI with cookie information, so it returns to my login page, where Request.IsAuthenticated returns false. There is an endless cycle.

How to redirect to the desired URI?

+3
source share
2 answers

I found this to be an interesting problem, so I started doing some digging, testing, and a bit of debugging in the .net source code.

, , , . , Response.Cookies, , cookie. Request.Browser.Cookies, , cookie.

asp.net cookieless, cookie. , , .

URI, , URI. , Microsoft, , .

, , FormsAuthentication.GetAuthCookie() FormsAuthentication.SetAuthCookie(), , URI ... ... auth . .

...

, cookie... cookieless , "persistant cookie", , , .

, cookieless, , , cookieless- . URI, . , .

, URI . pathdata. , ( - , URL- , ).

+4

, . , cookie, UserData .

, , :

if( !HttpContext.Current.Request.Browser.Cookies || !FormsAuthentication.CookiesSupported )
{
    FormsAuthentication.RedirectFromLoginPage( userName, false);
    return;
}
+1

Source: https://habr.com/ru/post/1699126/

More articles:


All Articles