c# asp.net webforms forms-authentication .net-4.8

ASP.NET Web Form page redirects back to login after successful authentication on the IIS server


We have an ASP.NET Web Forms application that uses forms authentication; it authenticates and logs in properly when run locally in Visual Studio.

However, when deployed to a Windows 2016 server with IIS, you can no longer log in to the site; it always redirects back to the login page even though the authentication was successful.

I tested the authentication on the server by writing to a log, and it showed true using this code:

    bool val1 = (System.Web.HttpContext.Current.User != null) && System.Web.HttpContext.Current.User.Identity.IsAuthenticated;

In the web.config I tried to account for every script, as suggested in this post.

Here is our authentication logic

    bool isCookiePersistent = false;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
        txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(15), isCookiePersistent, groups);

    //Encrypt the ticket.
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    //Create a cookie, and then add the encrypted ticket to the cookie as data.
    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

    //Add the cookie to the outgoing cookies collection.
    Response.Cookies.Add(authCookie);

Here is the authentication section in the web.config

    <authentication mode="Forms">
      <forms loginUrl="login.aspx" name="adAuthCookie" timeout="15" path="/"/>
    </authentication>
    <authorization>
      <deny users="?"/>
      <allow users="*"/>
    </authorization>
    <identity impersonate="false"/>

Here is the screenshot of the authentication setting in the IIS


Can someone help with how to stop the redirection back to the login page?

We use .NET 4.8


Solution

  • Found the solution: I had to remove this line from Web.config:

    <httpCookies requireSSL="true" />
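
Why that line matters: `<httpCookies requireSSL="true" />` makes every cookie the application creates default to Secure, and browsers return Secure cookies only over HTTPS, so a login served over plain HTTP produces exactly this loop. The following is an added example, not code from the question or the answer, that keeps the setting and fails with a clear error instead of looping; `AuthCookieIssuer` and `Issue` are hypothetical names, and it assumes the site has an HTTPS binding in IIS.

```csharp
// Added example, not the poster's code. AuthCookieIssuer and Issue are hypothetical names.
using System;
using System.Web;
using System.Web.Configuration;
using System.Web.Security;

public static class AuthCookieIssuer
{
    public static void Issue(HttpContext context, string userName, string groups)
    {
        // <httpCookies requireSSL="true"/> makes every new HttpCookie default to Secure.
        var cookieConfig = (HttpCookiesSection)WebConfigurationManager
            .GetSection("system.web/httpCookies");
        bool secureRequired = cookieConfig.RequireSSL || FormsAuthentication.RequireSSL;

        // A Secure cookie set on an http:// response is not returned by the browser,
        // so the next request is anonymous and <deny users="?"/> redirects it to the
        // login page again. Fail loudly here instead of looping silently.
        if (secureRequired && !context.Request.IsSecureConnection)
        {
            throw new InvalidOperationException(
                "Auth cookie requires SSL but this request arrived over HTTP. " +
                "Add an HTTPS binding in IIS and browse the site over https://.");
        }

        // Same ticket layout as in the question: 15-minute, non-persistent.
        var ticket = new FormsAuthenticationTicket(
            1, userName, DateTime.Now, DateTime.Now.AddMinutes(15),
            false, groups, FormsAuthentication.FormsCookiePath);

        var cookie = new HttpCookie(
            FormsAuthentication.FormsCookieName,
            FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,            // ticket is not readable from script
            Secure = secureRequired,    // mirror the configured policy explicitly
            Path = FormsAuthentication.FormsCookiePath
        };
        context.Response.Cookies.Add(cookie);
    }
}
```

Behind a TLS-terminating proxy `Request.IsSecureConnection` is false even though the browser uses HTTPS, so the check would need to look at the proxy's forwarded-scheme header instead.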