FormsAuthenticationTicket disappeared after Response.Redirect operation

Question

I developed website with ASP.NET. Now I make an authentification.

Authorization is made by another web service. If the answer from web-service is success, I create a ticket:

var ticket = new FormsAuthenticationTicket(1, param.Login, DateTime.Now, DateTime.Now.AddDays(1), false, string.Empty, FormsAuthentication.FormsCookiePath);
            var encTicket = FormsAuthentication.Encrypt(ticket);

            var AuthCookie = new HttpCookie(FormsAuthentication.FormsCookieName)
            {
                Value = encTicket,
                Expires = DateTime.Now.AddDays(1)
            };

            Response.Cookies.Set(AuthCookie);

This code added authentification cookie. But if I add the next string after previous code:

                Response.Redirect("<redirect address>");

cookie is disappeared after redirect.

Why it's happened?

web.config part of authentification here:

<authentication mode="Forms">
  <forms name=".ASPXFORMSAUTH" loginUrl="~/login.ashx" />
</authentication>

Answer 1

It may happen that the cookie data being associated with the cookie has exceed the maximum allowed size in its encrypted format. Unencrypted, the data will not be too large.

Large size of the cookie may result in dropping of the cookie from the response header. Below fixes are worth trying:

• Reduce the Amount of Data set in a cookie
• Try cookie just once in unencrypted format. This way you will be confirmed that it is indeed the Size of cookie which is creating a problem

This POST gives a good information on Cookie size.