Custom authentication module inheriting IHttpModule issue.

Posted by Chandan Khatwani on Stack Overflow See other posts from Stack Overflow or by Chandan Khatwani
Published on 2011-02-03T05:41:34Z Indexed on 2011/02/04 7:25 UTC
Read the original article Hit count: 192

Filed under:

LoginPage.aspx:-

protected void Button1_Click(object sender, EventArgs e)
            {
                Context.Items["Username"] = txtUserId.Text;
                Context.Items["Password"] = txtPassword.Text;
                //
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath);

                // Encrypt the cookie using the machine key for secure transport
                string hash = FormsAuthentication.Encrypt(ticket);
                HttpCookie cookie = new HttpCookie(
                   FormsAuthentication.FormsCookieName, // Name of auth cookie
                   hash); // Hashed ticket

                // Set the cookie's expiration time to the tickets expiration time
                if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
                Response.Cookies.Add(cookie);
                Response.Redirect("Default.aspx");
            }

Global.asax file:-

void Application_AuthenticateRequest(object sender, EventArgs e)
        {
            if (HttpContext.Current.User != null)
            {
                if (HttpContext.Current.User.Identity.IsAuthenticated)
                {
                    if (HttpContext.Current.User.Identity is FormsIdentity)
                    {
                        FormsIdentity id =
                            (FormsIdentity)HttpContext.Current.User.Identity;
                        FormsAuthenticationTicket ticket = id.Ticket;
                        // Get the stored user-data, in this case, our roles
                        string userData = ticket.UserData;
                        string[] roles = userData.Split(',');
                        HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles);
                        Response.Write(HttpContext.Current.User.Identity.Name);
                        Response.Redirect("Default.aspx");
                    }
                }
            }
        }

I get the following error after signing in

This webpage has a redirect loop.

The webpage at http://localhost:1067/Default.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

© Stack Overflow or respective owner

Related posts about ASP.NET