I've noticed that forums are littered with examples of this problem, but with the only solutions referring to events not actually being hooked up, or typos. I'm pretty sure that my problem relates to neither of these!
I have a login control with an opening tag that looks like this:
<asp:Login ID="signInControl" FailureText="Sorry, your login has not been successful" runat="server" DisplayRememberMe="false" OnLoggedIn="signInControl_LoggedIn" OnAuthenticate="signInControl_Authenticate" OnLoggingIn="signInControl_LoggingIn">
Here are my events in the code-behind:
protected void signInControl_LoggedIn(object sender, EventArgs e)
{
MembershipProvider provider = Membership.Providers[GlobalConstants.MembershipProviderName];
MembershipUser user = provider.GetUser(this.signInControl.UserName, true);
int expiryInDays = Utility.GetConfigurationValueAsInt(SPContext.Current.Web, "PasswordExpiryLengthInDays");
// provide a mechanism to stop password expiry (i.e. if -1);
if (expiryInDays > 0)
{
expiryInDays = expiryInDays * -1;
// If the user hasn't changed their password within the last x days, send them to update it.
DateTime minimumPasswordChange = DateTime.Now.AddDays(expiryInDays);
TimeSpan due = user.LastPasswordChangedDate.Subtract(minimumPasswordChange);
Logging.LogTrace(string.Format("The user {0} next password change is in {1} days.", user.UserName, due.Days));
if (user.LastPasswordChangedDate >= minimumPasswordChange)
{
SPUtility.Redirect("/_layouts/ExpiredPassword.aspx", SPRedirectFlags.Trusted, this.Context);
}
}
else
{
SPUtility.Redirect("/_layouts/ExpiredPassword.aspx", SPRedirectFlags.Trusted, this.Context);
}
}
protected void signInControl_Authenticate(object sender, AuthenticateEventArgs e)
{
SPClaimsUtility.AuthenticateFormsUser(new Uri(SPContext.Current.Web.Url), this.signInControl.UserName, this.signInControl.Password);
e.Authenticated = Membership.ValidateUser(this.signInControl.UserName, this.signInControl.Password);
}
protected void signInControl_LoggingIn(object sender, LoginCancelEventArgs e)
{
Logging.LogTrace(string.Format("User {0} attempting to sign in.", this.signInControl.UserName));
e.Cancel = false;
}
And as you can see in the authenticate event, e.authenticated is being set by whether the user can be validated. I've confirmed by stepping into the code that true is returned. So why isn't my signInControl_LoggedIn method firing? I'm seriously confused!
This is the markup for the front-end:
Thanks for any help!
Karl.