IVerifUsr::VerifyCredentials() Always Returns URL

ID: Q234015

The information in this article applies to:

Microsoft Site Server version 3.0

SYMPTOMS

When you use the VerifyCredentials() method of the Membership.VerifUser component, the URL is always returned, regardless of whether the credentials passed to the method were correct.

CAUSE

This behavior is by design.

Because this is the default behavior of the component, if the user enters invalid or incorrect credentials, the user is redirected back to the FormsLogin.asp page. This will, however, prevent you from using your own custom error messages when invalid credentials are supplied.

WORKAROUND

To work around this behavior, use the VerifyPassword() method of the component to determine if the supplied credentials are valid, and then call the VerifyCredentials() method to ensure the user receives the "FormsAuth" cookie, which will allow them to access other HTML Forms Authenticated pages.

MORE INFORMATION

The following is a sample of how to use the VerifyPassword() method in conjunction with the VerifyCredentials() method to authenticate users:


<%
 Dim objVerify
 Dim strUrl

 strUrl = "/folder/file.htm"
 Set objVerify = Server.CreateObject("Membership.UserObjects")

 'Call VerifyPassword() to validate the credentials
 If (objVerify.VerifyPassword("username", "password")) Then
     'Call VerifyCredentials() so the user gets the FormsAuth cookie
     Call objVerify.VerifyCredentials("username", "password", strUrl)

     'Redirect the user to the HTML Forms Authenticated page
     Response.Redirect strUrl
 Else
     Response.Write "The credentials supplied were invalid."
 End If 

 Set objVerify = Nothing
%>

For more information regarding the user of the Membership.VerifUser component, please refer to the Site Server 3.0 SDK version 1.1.

Additional query words:

Keywords : kbdocfix
Version : winnt:3.0
Platform : winnt
Issue type : kbprb