During the master page's Load event, I do a check to see if the user is logged in to our site (via a ColdFusion page) based on the presence of a cookie. If the cookie exists, it logs the user into the cms as a membership user.

During the template page's Load event, I check to see if the content is private and whether the user is logged in to the cms and redirect to the login page if necessary:

string callbackUrl = HttpContext.Current.Request.Url.AbsoluteUri;
Response.AddHeader("REFRESH", "0;URL=http://www2.aur.org/login/login.cfm?callbackOverride=" + callbackUrl);
If the user gets redirected to the login page because they were trying to access member-only content, the url will look like this:


And when they log in via the ColdFusion page, it redirects them to the member-only page they were trying to view.

However, this isn't working quite right. After logging in, it does redirect them to the page they were trying to view, but then it quickly redirects them back to the login page.

I thought it was because the content page was loading before the master page, but I moved the code from the master page's load event to the init event instead so that that would happen first, and it's still behaving the same way. And I know the cookie is there and working properly because after they're logged in, if they navigate themselves back to the page they were trying to view, they can see it fine.

I'm not sure what else to do at this point. Any ideas?