The Misunderstood FormsAuthentication RedirectFromLoginPage
There are a lot of misconceptions about the function of FormsAuthentication.RedirectFromLoginPage function. People have been saying it's buggy. I hate to break the news to those who claimed so but the only thing wrong with FormsAuthentication.RedirectFromLoginPage is how one is using it.
If you read the remarks for this method on MSDN library, you'll realize that it's working exactly as it should. To quote the docs:
"The method issues an authentication ticket and does a SetForms with the ticket, using the appropriately configured cookie name for the application as part of the redirect response."
Lesson learned:
If you are creating your own FormsAuthenticationTicket, use FormsAuthentication.GetRedirectUrl. Using FormsAuthentication.RedirectFromLoginPage will actually create a new authentication ticket overriding the ticket you just created assuming you are using the FormsAuthentication.FormsCookieName for your cookie.
If you read the remarks for this method on MSDN library, you'll realize that it's working exactly as it should. To quote the docs:
"The method issues an authentication ticket and does a SetForms with the ticket, using the appropriately configured cookie name for the application as part of the redirect response."
Lesson learned:
If you are creating your own FormsAuthenticationTicket, use FormsAuthentication.GetRedirectUrl. Using FormsAuthentication.RedirectFromLoginPage will actually create a new authentication ticket overriding the ticket you just created assuming you are using the FormsAuthentication.FormsCookieName for your cookie.
posted by kuantanzai at 10:54 AM
0 Comments:
Post a Comment
<< Home