Session variable gets lost after publishing (works on dev machine)

Question

A quick project I've been asked to knock together doesn't need crazy security, so, I've implemented a simple login screen that checks the Username & PW against the db.

User u = new User();
if (u.AuthenticateUser(txtUsername.Text, txtPassword.Text))
   Session.Add("UserSeshAuthenticated", true);                    

Response.Redirect("Dashboard.aspx");

All the other pages share a MasterPage and in the Page_Load event:

if ((Session["UserSeshAuthenticated"] == null) || ((bool)Session["UserSeshAuthenticated"] == false))
        {
            fw.Write("UserSeshAuthenticated has been lost or something");

            string path = HttpContext.Current.Request.Url.AbsolutePath;
            Response.Redirect("Login.aspx?retpath=" + path);
        }
        else
        {
            lblLoggedInUsername.Text = Session["UserSeshAuthenticated"].ToString();
        }

This all works very well on my development machine, but when I've published it to my server, by the time my MasterPage loads, it has lost the session variables.

Can anyone help ?... I'm supposed to have it live this afternoon & I didn't think I'd run into this problem !!!

Any help appreciated. Thanks a lot.

Answer 1

In your login code, you add "UserSeshAuthenticated" to the session, but not the User object. If the function u.AuthenticateUser() adds a copy of itself into the Session, that could be your problem. Try adding that in your result block instead. Like this:

User u = new User();
if (u.AuthenticateUser(txtUsername.Text, txtPassword.Text))
{
   Session.Add("UserSeshAuthenticated", true);
   Session.Add("oUser", u);

   Response.Redirect("Dashboard.aspx");
}