Reputation: 469
How to create a Cookie using SSL pages?
I have an ASP:NET MVC 2 web site that is on SSL. I want to create a cookie like this:
FormsAuthentication.SetAuthCookie(validatedUser.UserName, false);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, validatedUser.SecureToken, DateTime.Now, DateTime.Now.AddMinutes(10), false, String.Empty);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
But I get an exception, telling: "The application is configured to issue secure cookies. These cookies require the browser to issue the request over SSL (https protocol). However, the current request is not over SSL."
In web.config I have:
<authentication mode="Forms">
<forms loginUrl="~/Account/LoginError" timeout="2880" requireSSL="true" protection="All"/>
</authentication>
How can I fix this?
Upvotes: 1
Views: 3131
Answers (1)
Reputation: 1038820
requireSSL="false" or use http:// to request your site. Note that both are bad idea if you care about security. If you want a secure site leave requireSSL="true" and use https:// to request your site.
Also the SetAuthCookie method already writes the cookie to the response so you don't need the rest:
FormsAuthentication.SetAuthCookie(validatedUser.UserName, false);
is enough. You don't need to worry about FormsAuthenticationTicket and adding the cookie to the response.
Upvotes: 1
Related Questions
- Create Cookie ASP.NET & MVC
- Using Cookie in Asp.Net Mvc 4
- How to create a cookie from any page of the website?
- ASP.NET MVC Cookie Implementation
- Using cookie in asp.net mvc c#
- Securing cookies in ASP.NET
- ASP.NET Securing Cookie on HTTP and HTTPS
- Creating a Cookie in ASP.NET MVC
- Create Cookie in MVC 3
- Cookies in ASP.NET MVC 2