Click here to Skip to main content
14,692,401 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello everyone,

I come to you for help at figuring out our Forms Authentication issue. It all works like a charm when run locally (either dev. Machine or Server), but when we try to access the site over the network it fails.

Here's the web.config chunk...

<authentication mode="Forms">
      <forms loginUrl="~/Inicio/Login.aspx" name=".CesAUTH" timeout="2" protection="All" slidingExpiration="true" defaultUrl="~/Inicio/Login.aspx" requireSSL="true"/>
      <deny users="?"/>
      <allow users="*"/>
  <location path="Inicio">
        <allow users="*"/>

Here's the code used to create the authentication cookie once the user's credentials have been validated against our db:

//Se genera la cookie para la autenticación del usuario
                HttpCookie authCookie = FormsAuthentication.GetAuthCookie(UsrRUT.ToString(), false);
                FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
                FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, UsrRUT.ToString() + "_" + DateTime.Now.ToString("yyyyMMddHHmmssfff"));
                authCookie.Value = FormsAuthentication.Encrypt(newTicket);
//Se redirecciona la solictud del login en caso de haber sido generada desde otra página
                FormsAuthentication.RedirectFromLoginPage(UsrRUT.ToString(), true);

Here the code used in the Global.asax:

void Application_OnPostAuthenticateRequest(object sender, EventArgs e)
            // Referencia al usuraio actual
            IPrincipal usr = HttpContext.Current.User;
            if (usr.Identity.IsAuthenticated && usr.Identity.AuthenticationType == "Forms")
                FormsIdentity fIdent = usr.Identity as FormsIdentity;
                // Genera el objeto CustomIdentity personalizado en base a el FormsAuthenticationTicket  
                CustomIdentity ci = new CustomIdentity(fIdent.Ticket);
                // Genra el objeto CustomPrincipal
                CustomPrincipal p = new CustomPrincipal(ci);
                // Agregas los objetos al contexto e hilo de ejecución actuales
                HttpContext.Current.User = p;
                Thread.CurrentPrincipal = p;

Again, when running the site either in debug mode (local machine) or the actual published site on our server (locally)(IIS 6) it all works. But if we try to login from a remote computer to the published site we always are allowed to enter credentials, and always redirected back to the login page from the one we should have been able to get to. Here's the URL we can see on our browsers:

Would it be possible for anyone to pinpoint what are we doing wrong? Thanks a lot for your much needed help.

What I have tried:

We have tried rebuilding the forms authentication tag in our web.config from scratch adding one attribute at a time, without and with(current code) using the CustomIdentity or CustomIdentity classes, with(out) coding the Application_OnPostAuthenticateRequest event on the global.asax file.

But nothing changes. We can access the site, from the server itself, with its URL:"
, login and proceed to the next page, but from a remote machine we are always redirected back as if the authentication had failed.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900