Microsoft KB Archive/234015

= IVerifUsr::VerifyCredentials Always Returns URL =

Article ID: 234015

Article Last Modified on 12/2/2000

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q234015



SYMPTOMS
When you use the VerifyCredentials method of the Membership.VerifUser component, the URL is always returned, regardless of whether the credentials passed to the method are correct.



CAUSE
Because this is the default behavior of the component, when the user enters invalid or incorrect credentials, the user is redirected back to the FormsLogin.asp page. As a result, you cannot use your own custom error messages when invalid credentials are supplied.



WORKAROUND
To work around this behavior, use the VerifyPassword method of the component to determine if the supplied credentials are valid, and then call the VerifyCredentials method to ensure that the user receives the "FormsAuth" cookie, which allows them to access other HTML Forms Authenticated pages.



MORE INFORMATION
The following sample illustrates how to use the VerifyPassword method in conjunction with the VerifyCredentials method to authenticate users:

<% Dim objVerify Dim strUrl

strUrl = "/folder/file.htm" Set objVerify = Server.CreateObject("Membership.UserObjects")

'Call VerifyPassword to validate the credentials. If (objVerify.VerifyPassword("username", "password")) Then 'Call VerifyCredentials so that the user gets the FormsAuth cookie. Call objVerify.VerifyCredentials("username", "password", strUrl)

'Redirect the user to the HTML Forms Authenticated page. Response.Redirect strUrl Else Response.Write "The credentials supplied were invalid." End If

Set objVerify = Nothing %> For more information on the user of the Membership.VerifUser component, refer to the Site Server 3.0 Software Development Kit (SDK) version 1.1.

Keywords: kbdocfix kbprb kbpending KB234015

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.