IVerifUsr::VerifyCredentials() Always Returns URL (234015)


The information in this article applies to:

  • Microsoft Site Server 3.0
This article was previously published under Q234015

SYMPTOMS

When you use the VerifyCredentials method of the Membership.VerifUser component, the URL is always returned, regardless of whether the credentials passed to the method are correct.

CAUSE

Because this is the default behavior of the component, when the user enters invalid or incorrect credentials, the user is redirected back to the FormsLogin.asp page. As a result, you cannot use your own custom error messages when invalid credentials are supplied.

WORKAROUND

To work around this behavior, use the VerifyPassword method of the component to determine if the supplied credentials are valid, and then call the VerifyCredentials method to ensure that the user receives the "FormsAuth" cookie, which allows them to access other HTML Forms Authenticated pages.

MORE INFORMATION

The following sample illustrates how to use the VerifyPassword method in conjunction with the VerifyCredentials method to authenticate users:
<%
 Dim objVerify
 Dim strUrl

 strUrl = "/folder/file.htm"
 Set objVerify = Server.CreateObject("Membership.UserObjects")

 'Call VerifyPassword() to validate the credentials.
 If (objVerify.VerifyPassword("username", "password")) Then
     'Call VerifyCredentials() so that the user gets the FormsAuth cookie.
     Call objVerify.VerifyCredentials("username", "password", strUrl)

     'Redirect the user to the HTML Forms Authenticated page.
     Response.Redirect strUrl
 Else
     Response.Write "The credentials supplied were invalid."
 End If 

 Set objVerify = Nothing
%>
For more information on the user of the Membership.VerifUser component, refer to the Site Server 3.0 Software Development Kit (SDK) version 1.1.
Modification Type:MajorLast Reviewed:12/2/2000
Keywords:kbdocfix kbprb KB234015
©2002 Microsoft Corporation. All rights reserved.