2

In my MVC 3 application I have a very basic controller

[HttpPost]
public ActionResult SignIn(LogonModel logonModel)
{
    string logonMessage;
    if(_authenticationService.Login(logonModel.UserName, logonModel.Password, 
        out logonMessage))
    {
        FormsAuthentication.SetAuthCookie(logonModel.UserName,true);

        return RedirectToAction("Index", "Home");
    }

    return View();
}

I see the cookie getting set in the browser however when I close the browser and come back to the site, it is not logging me in automatically. It is almost like the cookie is not being processed, which it should be.

Improve this question

3 Answers 3

Reset to default
4

The first and most obvious question is: are cookies enabled in your browser?

What you could check as well is, whether in your web.config, you have configured the <authentication> section to have a timeout:

<authentication mode="Forms">
    <forms loginUrl="~/login" timeout="60" />
</authentication>

if you don't specify a timeout it'll use the default value of 30 minutes, but maybe you set it to some other (invalid) value?

timeout attribute:

Specifies the time, in integer minutes, after which the cookie expires.

You could also check the CookiesSupported property (boolean) to see that that returns.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I am marking this as the answer due to the fact that it got me looking back at the web.config. I had a typo in the domain for the cookie. Now it appears to be working. I have not tested all browsers yet but it works in chrome. Thanks much... I love typos.
Funny how I look back at these and realize how much better of a developer I am today... I would never ask something this retarded today :)
3

Be sure to remove the following <modules> tag from the web.config if using MVC 5+

<system.webServer>
<modules>
  <remove name="FormsAuthentication" />
</modules>
</system.webServer>
Improve this answer

Comments

0

I had a situation where the domain was wrong in the authenticaion section:

  <authentication mode="Forms">
      <forms name="yourAuthCookie" loginUrl="/user/login" protection="All" path="/" enableCrossAppRedirects="true"  timeout="90" domain="WRONGDOMAIN.COM" />
    </authentication>

Removing the domain did the trick:

  <authentication mode="Forms">
      <forms name="yourAuthCookie" loginUrl="/user/login" protection="All" path="/" enableCrossAppRedirects="true"  timeout="90"  />
    </authentication>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.