I set the Forms Authentication using an authorize attribute that that checks a query string hash value:
FormsAuthentication.SetAuthCookie(qs["name"], false);
On the next request I check that the user is logged in:
filterContext.HttpContext.Request.IsAuthenticated
This returns false (seems strange so i have a look at the cookie)
filterContext.HttpContext.Request.Cookies[".ASPXAUTH"]
Returns:
{System.Web.HttpCookie}Domain:nullExpires:{1/01/000112:00:00 a.m.}HasKeys:falseHttpOnly:falseName:".ASPXAUTH"Path:"/"Secure:falseShareable:falseValue:"9A3F32523C37286093E99907E8A71C405854EE409667A34AA8E06665D0912EEA5DAD69C605F45134A9BBA314BC8C4A5AEA46F9F623013A1FA2A98F3AEE834D69555C1849926C4A369B8E5E0A2E26CBB4ACBDBC8D0389BBD9A2C8F942ACFFBF20566BA2D7A1F80914D8B097866D06CC3059DB306C3E83C09800CCD4697D38AF5C"Values:{9A3F32523C37286093E99907E8A71C405854EE409667A34AA8E06665D0912EEA5DAD69C605F45134A9BBA314BC8C4A5AEA46F9F623013A1FA2A98F3AEE834D69555C1849926C4A369B8E5E0A2E26CBB4ACBDBC8D0389BBD9A2C8F942ACFFBF20566BA2D7A1F80914D8B097866D06CC3059DB306C3E83C09800CCD4697D38AF5C}
So the cookie is there, lets decrypt it to see that its valid?
FormsAuthentication.Decrypt(filterContext.HttpContext.Request.Cookies[".ASPXAUTH"].Value){System.Web.Security.FormsAuthenticationTicket}CookiePath:"/"Expiration:{25/06/201512:09:17 p.m.}Expired:falseIsPersistent:falseIssueDate:{25/06/201511:39:17 a.m.}Name:"john"UserData:""Version:2
So the cookie is all good, why does Request.IsAuthenticated return false???
