public void WriteLoginInfoToResponse(LoginInfo loginInfo) { if (loginInfo == null || !loginInfo.IsDirty) { return; } loginInfo.Sign(); bool sendAsPersistentCookie = loginInfo.IsPersistent || loginInfo.IsAnonymous; int persistentCookieAge = (int)configuration.PersistentLoginCookieExpiration.TotalSeconds; var httpOnly = new HttpCookie(cookieNamer.HttpOnlyLoginCookieName, loginInfo.HttpCookieValue); httpOnly.Path = "/"; httpOnly.HttpOnly = true; httpOnly.Secure = true; if (sendAsPersistentCookie) { httpOnly.SetMaxAge(persistentCookieAge); } var user = new HttpCookie(cookieNamer.UserAccessibleLoginCookieName, loginInfo.UserCookieValue); user.Path = "/"; user.Secure = true; if (sendAsPersistentCookie) { user.SetMaxAge(persistentCookieAge); } OSTrace.Debug("[Response cookies] Http cookie value: {0}; User cookie value: {1}", httpOnly.Value, user.Value); HttpContext.Current.Response.Cookies.Set(httpOnly); HttpContext.Current.Response.Cookies.Set(user); }