N
Nicolas LeBlanc
Seems pretty incredible a simple "how to report a bug" isn't available at
all on Microsoft.com !! How the hell can we report a bug when we find one?
There is a bug in the FormsAuthentication request, I have followed the
example to use a generic principal but I changed *ONE* line of code and it
gave me an error, I lost 3 hours to finally find this bug and I would like
to report it.
If you create an Authentication Ticket, put the roles in the UserData
string, the string will be just fine if you redirect using:
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim()
, false));
But if you use:
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text.Trim(), false);
the UserData property of your decrypted ticket will en empty... a total
empty string, so there is a bug there because if you comment one line, it's
working, if you comment the other, it's working just fine...
I followed the example given at:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT04.asp
Altough I am the one who changed the line because I felt it was a FrameWork
1.1 new function and probably more intelligent to use that one.
Thanks.
all on Microsoft.com !! How the hell can we report a bug when we find one?
There is a bug in the FormsAuthentication request, I have followed the
example to use a generic principal but I changed *ONE* line of code and it
gave me an error, I lost 3 hours to finally find this bug and I would like
to report it.
If you create an Authentication Ticket, put the roles in the UserData
string, the string will be just fine if you redirect using:
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text.Trim()
, false));
But if you use:
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text.Trim(), false);
the UserData property of your decrypted ticket will en empty... a total
empty string, so there is a bug there because if you comment one line, it's
working, if you comment the other, it's working just fine...
I followed the example given at:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT04.asp
Altough I am the one who changed the line because I felt it was a FrameWork
1.1 new function and probably more intelligent to use that one.
Thanks.