Redirect Problem from auth page to other pages
My return URL is /auth.aspx. I am able to authenticate auth.aspx. So far so good. Now I have other content pages like foo.aspx. I like to auth each content page. I do this by setting the context query param to this particular page. Now when I am signing in and Windows-Live-Signin-Server calls /auth.aspx I retrieve context and redirect, say to /foo.aspx. Now on /foo.aspx I am getting no auth (WindowsLiveLogin.ProcessLogin return null).
Why would this be? The SDK describes it this to be the way it should be implemented.
Thanks a lot.
Amanda
Are you sure you have implemented everything as mentioned in the SDK?
If I recall correctly, the authentication handler-page sets a cookie with a token, which is decoded by other pages. If this cookie is missing (I think it was called "stoken") the page can't decode it and thus fails on verifying the user.
The sample code in docu shows:
if (user.UsePersistentCookie)
{
write cookie here
}
If I use this code then the cookie does not get set because UsePersistentCookie is false all the times (at least when I tried many times). I have to remove the if clause to make auth work after redirect. But if I have to ignore UsePersistentCookie, what is the purpose of this attribute then?
Thanks a lot.
The recommended code flow is in the MSDN docs here:
http://msdn2.microsoft.com/en-us/library/bb676640.aspx
Code Snippet
HttpCookie loginCookie = new HttpCookie("webauthtoken");
if(user != null)
{
loginCookie.Value = user.Token;
if (user.UsePersistentCookie)
{
loginCookie.Expires = DateTime.Now.AddYears(10);
}
}
else
{
loginCookie.Expires = DateTime.Now.AddYears(-10);
}
The cookie value is written even if UsePersistentCookie==false.
By setting the expiration time for the cookie a long time in the future, it will persist across browser restarts.
