Basically, there is a requirement on my site, which means that all cookies must be protected. I am trying to protect the FormsAuthentication cookie, however, I would like to not have to set SSL on my local developer site, however live sites will still protect the cookie.
This live / dev status is saved in the xml configuration file. This file contains settings for each machine on which the site is running. Access to it is possible through Config.IsSecure
if (Config.IsSecure)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, login.Username, DateTime.Now, DateTime.Now.AddMinutes(30), false, "User", FormsAuthentication.FormsCookiePath);
string cookieStr = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieStr);
cookie.Path = FormsAuthentication.FormsCookiePath;
System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration("~");
AuthenticationSection authenticationSection = (AuthenticationSection)configuration.GetSection("system.web/authentication");
FormsAuthenticationConfiguration formsAuthentication = authenticationSection.Forms;
formsAuthentication.RequireSSL = true;
cookie.Secure = true;
configuration.Save()
}
FormsAuthentication.SetAuthCookie(login.Username, false);
So, I get an error in the "Save" section. A statement that there is a temporary file that cannot be accessed.
Any idea how I can solve this?
Gurpreet