When writing a cookie to the client machine that contains the users roles (as part of a forms authentication setup), be mindful that the clients clock will determine when this cookie expires. If their clock time is set incorrectly, the cookie could end up expiring before it can be read when redirecting from forums authentication. This would cause the roles cookie to appear not to be set and not give the proper role to the user. (And could cause the user to get stuck in an endless loop.)

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.