I have asp.net membership implemented using SQL Server.

I have a default page that says Hello, Guest for anonymous users and Hello, [Firstname] [Lastname] for authenticated users.

I'm having trouble logging in on one computer (and my customer is having the same issue on one of their computers).

On computer A, I can log in fine to the production website.  After I log in, I see Hello, Craig Howard as expected.

On computer B, I cannot login to production.  I do not get a login error, and I am redirected to the default page (as if login was fine) but I see Hello, Guest

Here's some things I've discovered / tried

• I verfied the cookie is getting created when I login
• I tried clearing my cache and cookies
• I verified that there is only one record in aspnet_Applications (so there isn't an application name conflict)
• LastLoginDate updates to the current date time when I login (in aspnet_Membership table)
• The user is approved and not locked out
• On this same computer, I can login to the same site at localhost (different SQL database when running locally)
• On this same computer, I can login to production using Firefox

It appears that what is happening is that I'm logging in successfully, but then somehow getting logged out when I am redirected to the default page.

I'm at a loss of how to troubleshoot this further.  It certainly appears to be something specific to IE, but I don't know how it gets in this state, or how to clear it.

I'm using the <asp:Login> control

 Any suggestions ?

-Craig

Try this

<asp:LoginView ID="LoginView1" runat="server">
            <LoggedInTemplate>
                Welcome
                <asp:LoginName ID="LoginName1" runat="server" />
            </LoggedInTemplate>
            <AnonymousTemplate>
                Welcome Guest
            </AnonymousTemplate>
        </asp:LoginView>

Thanks for the response, but I'm not having any problem displaying when a user or guest is logged in.

I am having an issue where I am getting authenticated on my login.aspx page, but when it redirects to the default page, It's displaying Hello Guest, which means I am no longer logged in. 

This is happening on two computers  (one has IE6 and one has IE7), but from other computers there are no issues.  It works with Firefox on all the computers.

A bit more information is that on those two computers, it worked initially, but then somehow got into a state where it no longer worked.

I'm considering using cookieless authentication to see if I can get by the issue.

Any other troubleshooting tips would be appreciated.

Craig

Hi

Will the login process work by adding the site to the browsers "trusted sites" list? I saw some people solve the problem use this suggestion since the failure is caused by the users browser rejecting auth cookie from your site.

I tried adding the site to my trusted sites list.  I see the trusted sites icon at the bottom of IE, but it's the same result.  It appears to authenticate, redirect to my default page and I'm recognized as the anonymous user, not my authenticated user.

When I go to Internet Options | Browsing History | Settings | View files

I can see the cookie was created.  The Last Modified date time is correct, the Expires date is in two months.

Next I tried registering a new user.  THE NEW ONE WORKS. 

So now I know it's a specific user and computer (since that user works on other computers)

Any ideas on why a specific user can't log in on one computer, but can log in fine on others ?  I really thought deleting the cookie would fix the issue, but it hasn't.

 -Craig

I changed my web.config to use cookieless="UseUri" and it works now.

My webconfig authentication section looks like this now. 

<authentication mode="Forms">

     <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" enableCrossAppRedirects="true" cookieless="UseUri" />

</authentication>

So for some reason, even though I could see a cookie getting created, my login wasn't working.

My Privacy setting in IE is Accept All Cookies, so I don't know why.  If anyone knows why, I'd still like to know even though I have a workaround.  It's possible that it got into this state where login stopped working when I clicked Logout.

My logout page runs these two lines before a Redirect.

System.Web.Security.FormsAuthentication.SignOut();

Session.Clear(); 

-Craig

I got it working with cookies. 

I didn't like the cookieless method because the urls were long and whenever I wanted to redirect, I would have to pass the big ugly string around or the site would forget who I was.

It turns out my rolemanager was missing a bunch of attributes in my web.config.

I changed it from this

 <roleManager enabled="true"  defaultProvider="SqlRoleProvider">

to this

<roleManager enabled="true" cacheRolesInCookie="true" cookieName=".someCookieName" cookiePath="/" cookieTimeout="30000" cookieRequireSSL="false" cookieSlidingExpiration="true" createPersistentCookie="false" cookieProtection="All" defaultProvider="SqlRoleProvider">

 -Craig