Using Cookie in ASP.NET MVC 4

Using Cookie in Asp.Net Mvc 4

Try using Response.SetCookie(), because Response.Cookies.Add() can cause multiple cookies to be added, whereas SetCookie will update an existing cookie.

Asp.net mvc 4 - Need to use sessions but can't use cookies

Edit your web.config

<sessionState cookieless="true" timeout="20" />

MVC4 how do I set a cookie and then redirect to an action

The solution to this was that the cookie wasn't being added to the browser because I was redirecting before the cookie reached the client side the solution was to have the Login Action return a blank view and then from inside the view redirect to the Index action the final version of my code ended up as follows NOTE: Login changed to AuthenticateUser

    public ActionResult Index()
    {
        var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie != null)
        {
            var ticket = FormsAuthentication.Decrypt(authCookie.Value);

            if (ticket != null && ticket.UserData != string.Empty)
            {
                return this.View();
            }
        }

        return RedirectToAction("AuthenticateUser");
    }

    public ActionResult AuthenticateUser()
    {
        // set by Site minder
        var user = User.Identity.Name;

        // ActiveKey login
        if (user.Contains("uid="))
        {
            var endIndex = user.IndexOf(",ou");

            var userEmail = user.Substring(4, endIndex - 4);
            user = userEmail;
        }

        SetAuthenticationCookie(user);

        var viewModel = new SiteminderViewModel { Username = user };

        this.AssignRoles(viewModel);
        return this.View();
    }

and the view is. There is no HTML to display so the redirect is not noticeable.

@{
    ViewBag.Title = "AuthenticateUser";
    Layout = null;
    Response.Redirect( Url.Action("Index", "Home"), false);
}

This code is checking that there is a cookie and that the user data isn't empty, if theses checks pass it shows the user the home page. Otherwise it redirects to the authentication action that gets the email address that was set in the browser by our 3rd party central login software and gets the users details from the users details. If the user is not in our user table they are given basic access rights.

How to save and read Cookie in Asp.net Mvc

The maximum size of a cookie is 4kb.

ASP.NET MVC 4 cookie disappears

I found a solution for my scenario. I've added a compatibilityMode="Framework45" into the machinekey in both applications and it's all working perfectly.

Note: If one of your applications is using an older versions of the .NET framework, you must explicitly configure your .NET 4.5 apps to use the earlier machine compatibility modes, or they will not be able to encrypt/decrypt the forms authentication ticket.

Just to remind you my scenario:

WebForms ASP.NET 4.5

<machineKey compatibilityMode="Framework45" decryption="AES" validation="SHA1" decryptionKey="your_key1" validationKey="your_keu2" />
  <authentication mode="Forms">
    <forms name="_authcookie" domain=".domain.com" loginUrl="Default.aspx?View=1" defaultUrl="Default.aspx?View=1" timeout="30" path="/" protection="All" slidingExpiration="true" enableCrossAppRedirects="true" />
  </authentication>

MVC 4
<machineKey compatibilityMode="Framework45" decryption="AES" validation="SHA1" decryptionKey="your_key1" validationKey="your_keu2" />
   <authentication mode="Forms">
     <forms name="_authcookie" domain=".domain.com" defaultUrl="~/" timeout="30" path="/" protection="All" slidingExpiration="true" enableCrossAppRedirects="true" />
    </authentication>

Possible values for the compatibility mode:

http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx

---

Related Topics