1

We have will have a mixed ASP.NET environment with WebForms, MVC and some SPA sections.

Now I would like to implement one of these login forms that just pop up with you hover over the login link. This would require that we can authenticate the user via Web Service call (not an issue). But in order to stay compatible with the rest of the pages, we need to set the ASP.NET authentication cookie in the browser. So that it works for the other pages.

Is that possible?
Or is the only way to use an iframe with the login form that reloads?

Improve this question

1 Answer 1

Reset to default
2

You can just set the Auth Cookie on the server side

FormsAuthentication.SetAuthCookie(userName, remeberMe);

and update the login view with a logged-in one.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Right, but that runs a bit against the idea of an ajax call with no full-page postback.
You don't need a full page postback, just set the auth cookie on the ajax called mvc action, or whatever endpoint, and return a partial view or just a Json to update the piece of HTML for logged user.
Right, the cookie is indeed part of the JSON response. Unfortunately, it's HttpOnly, so I cannot read it and assign it to the page. It's not transferred automatically.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.