[Mono-list] Current state of FormsAuthentication

Hubert FONGARNAND informatique.internet@fiducial.fr
Mon, 7 Mar 2005 17:08:25 +0100


Since about a week, i've problems with FormsAuthentication...
I'm using not persistent FormsAuthenticationTicket... I've apply your patch=
=2E..=20
and it works only with XSP...
With apache and mod_mono, i'm never authenticated...
I've another problem with XSP:
=2D	With formauthentication enabled, i can't access to images or static htm=
l=20
pages without beeing authenticated... With a normal (.NET) behaviour=20
only .aspx pages are protected...

Thanks...

Le Dimanche 06 Mars 2005 17:49, Ilya Kharmatsky a =E9crit=A0:
> Hi!
>
> We found regression in latest version of Forms Authentication - in case
> when the FormsAuthenticationTicket is not persistent (created with
> FormsAuthentication.SetAuthCookie("userName", false))
> the HttpRequest.IsAuthenticated will return false.
>
> Attached possible patch (in FormsAuthenticationModule.cs) and test case.
>
> Thanks,
> Ilya Kharmatsky.
>
> Gonzalo Paniagua Javier wrote:
> >On Wed, 2005-03-02 at 11:45 -0700, Jesse Pasichnyk wrote:
> >>I am working on developing an ecommerce site with mono/postgres and am
> >>having some issues with the a Forms based security login area.
> >
> >Last mono release shipped with a regression that might make
> >FormsAuthentication fail.
> >
> >You can get a new System.Web.dll from
> >http://www.go-mono.com/archive/1.0.6/System.Web.dll or
> >http://www.go-mono.com/archive/1.1.4/System.Web.dll
> >
> >-Gonzalo
> >
> >
> >_______________________________________________
> >Mono-list maillist  -  Mono-list@lists.ximian.com
> >http://lists.ximian.com/mailman/listinfo/mono-list