When an unauthorized user is logging into a directory with "forms authentication" set, he gets redirected to Formslogin.asp, which submitts to verifpwd.asp. <BR><BR>Here, my user is getting authenticated (VerifyPassword() is returning TRUE) yet he is not getting a cookie from VerifyCredentials(), so the Response.Redirect redirects him back to the correct page. But without a cookie, he is redirected again to FormsLogin! <BR><BR>I can&#039t seem to find a way out of this? What might I be doing wrong?