J
Jim
Hi,
I have an Asp.Net 1.1 site which uses basic forms authentication. This
has been working fine, since way back in the 1.0 days. Twice in the last 2
months, a client has been unable to log in, once each on both her home
machine and her work machine. She gets the login screen, then gets redirected
there once again, continuously. There is no incorrect login message, and I
see a DB entry for her successful login, so I know she is using a correct
username/password. But instead of writing the cookie and moving on to the
regular admin page, she is redirected back to the login screen.
She has logged in every workday for 4 years. My code has not been changed
in the last 3 weeks.
This happens with IE 6. She has cleared her cookies, history, and temp
files, with no change. She downloads Netscape and logs in on the first try.
With IE, after clearing her cookies, she attempts a login, and is
authenticated just fine (according to the DB entry), but no cookie appears,
and back she goes to the login screen. She had a valid cookie yesterday (and
every workday for years), but if the cookie was corrupted, deleting cookies
should have fixed that, and a new one should have been written.
It's almost as if the writing of the new cookie failed on the client. Has
anyone ever heard of such a thing? Or is this absolutely something with my
(very simple) login code, even though it worked fine for years, worked 1
minute later with Netscape, and will probably work again tomorrow.
I will be updating my code over the winter to use 2.0's role-based stuff,
but I'm not sure if this will make this very intermittent problem disappear.
Thanks in advance for any help/ideas/insight.
I have an Asp.Net 1.1 site which uses basic forms authentication. This
has been working fine, since way back in the 1.0 days. Twice in the last 2
months, a client has been unable to log in, once each on both her home
machine and her work machine. She gets the login screen, then gets redirected
there once again, continuously. There is no incorrect login message, and I
see a DB entry for her successful login, so I know she is using a correct
username/password. But instead of writing the cookie and moving on to the
regular admin page, she is redirected back to the login screen.
She has logged in every workday for 4 years. My code has not been changed
in the last 3 weeks.
This happens with IE 6. She has cleared her cookies, history, and temp
files, with no change. She downloads Netscape and logs in on the first try.
With IE, after clearing her cookies, she attempts a login, and is
authenticated just fine (according to the DB entry), but no cookie appears,
and back she goes to the login screen. She had a valid cookie yesterday (and
every workday for years), but if the cookie was corrupted, deleting cookies
should have fixed that, and a new one should have been written.
It's almost as if the writing of the new cookie failed on the client. Has
anyone ever heard of such a thing? Or is this absolutely something with my
(very simple) login code, even though it worked fine for years, worked 1
minute later with Netscape, and will probably work again tomorrow.
I will be updating my code over the winter to use 2.0's role-based stuff,
but I'm not sure if this will make this very intermittent problem disappear.
Thanks in advance for any help/ideas/insight.