hasanperto
New Member
I have an asp.net app which needs to log users into Active Directory using forms authentication (windows authentication isn't an option with the given requirements).I'm saving authentication cookies like so:\[code\]if (Membership.ValidateUser(model.UserName, model.Password)){ FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);}\[/code\]This works great, except that the cookie authenticates the user even after they change their Active Directory password.Is there a way to tell if the user's password has changed?I'm using asp.net MVC3 with .NET 4What I've TriedIf feel like this code should work, however the HttpWebResponse never contains any cookies. Not quite sure what I'm doing wrong.\[code\]HttpWebRequest request = (HttpWebRequest)WebRequest.Create(Request.Url);request.CookieContainer = new CookieContainer();HttpWebResponse response = (HttpWebResponse)request.GetResponse();Cookie authCookie = response.Cookies["AuthCookie"];if (authCookie.TimeStamp.CompareTo(Membership.GetUser().LastPasswordChangedDate) < 0){ authCookie.Expired = true;}\[/code\]