I'm finally getting around to ASP.NET authentication for a page and its not validating for some reason.

Here is my code (ASP.NET 1.1).
VB Code:
  1. Option Explicit On 

  2.  
  3. Imports System.Security.Principal

  4. Imports System.Runtime.InteropServices

  5.  
  6. Public Class index3

  7.  
  8.     Inherits System.Web.UI.Page

  9.  
  10.     Declare Function LogonUserA Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer

  11.     Declare Auto Function DuplicateToken Lib "advapi32.dll" (ByVal ExistingTokenHandle As IntPtr, ByVal ImpersonationLevel As Integer, ByRef DuplicateTokenHandle As IntPtr) As Integer

  12.     Declare Auto Function RevertToSelf Lib "advapi32.dll" () As Long

  13.     Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Long

  14.  
  15.     Private LOGON32_LOGON_INTERACTIVE As Integer = 2

  16.     Private LOGON32_PROVIDER_DEFAULT As Integer = 0

  17.  
  18.     Private impersonationContext As WindowsImpersonationContext

  19.  
  20.     Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

  21.         'Put user code to initialize the page here

  22.         'Me.txtUsername.Text = "Domain\Username"

  23.         'Me.txtPassword.Text = String.Empty

  24.     End Sub

  25.  
  26.     Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click

  27.         If impersonateValidUser(Me.txtUsername.Text, Me.txtPassword.Text) Then

  28.             'MessageBox.Show("User authenticated sucessfully")

  29.             'Insert your code that runs under the security context of a specific user here.

  30.             Response.Redirect("index2.aspx")

  31.             undoImpersonation()

  32.         Else

  33.             'MessageBox.Show("Invalid password or user")

  34.             'Your impersonation failed. Therefore, include a fail-safe mechanism here.

  35.             Response.Redirect("index.aspx")

  36.         End If

  37.     End Sub

  38.  
  39.     Private Function impersonateValidUser(ByVal userName As String, ByVal password As String) As Boolean

  40.  
  41.         Dim tempWindowsIdentity As WindowsIdentity

  42.         Dim token As IntPtr = IntPtr.Zero

  43.         Dim tokenDuplicate As IntPtr = IntPtr.Zero

  44.         Dim ar() As String

  45.         Dim domain As String

  46.         impersonateValidUser = False

  47.         ar = userName.Split("\")

  48.         If UBound(ar) = 0 Then

  49.             CloseHandle(token)

  50.             Exit Function

  51.         Else

  52.             domain = ar(0)

  53.             userName = ar(1)

  54.         End If

  55.         If RevertToSelf() Then

  56.             If LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, token) <> 0 Then

  57.                 If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then

  58.                     tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)

  59.                     impersonationContext = tempWindowsIdentity.Impersonate()

  60.                     If Not impersonationContext Is Nothing Then

  61.                         impersonateValidUser = True

  62.                     End If

  63.                 End If

  64.             End If

  65.         End If

  66.         If Not tokenDuplicate.Equals(IntPtr.Zero) Then

  67.             CloseHandle(tokenDuplicate)

  68.         End If

  69.         If Not token.Equals(IntPtr.Zero) Then

  70.             CloseHandle(token)

  71.         End If

  72.     End Function

  73.  
  74.     Private Sub undoImpersonation()

  75.         impersonationContext.Undo()

  76.     End Sub