B
bmjnine
Hi,
I am trying set up my site so that once a user logs in, they stay
logged in for 72 hours unless they close their browser.
I have the following in place:
(web.config)
-----------------
<system.web>
<sessionState timeout="4320" />
<httpRuntime maxRequestLength="102400" executionTimeout="180" />
<authentication mode="Forms">
<forms loginUrl="signin.aspx" name="UserID" timeout="4320"
slidingExpiration="true" path="/">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
</system.web>
(signin.aspx)
-------------------
FormsAuthentication.RedirectFromLoginPage(myUserID, false);
I also have a test page that tells me some cookie/ticket info:
(test.aspx)
-------------------
StringBuilder sb = new StringBuilder();
HttpCookieCollection cookies = Request.Cookies;
for (int i = 0; i < cookies.Count; i++)
{
sb.Append("Name: " + cookies.Name + "<br/>");
sb.Append("Value: " + cookies.Value + "<br/>");
sb.Append("Domain: " + cookies.Domain + "<br/>");
sb.Append("Path: " + cookies.Path + "<br/>");
sb.Append("HasKeys: " + cookies.HasKeys + "<br/>");
sb.Append("Expires: " + cookies.Expires.ToString() +
"<br/><br/>");
}
FormsIdentity id = (FormsIdentity)User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
sb.Append("Ticket Name: " + ticket.Name.ToString() + "<br/><br/>");
sb.Append("Ticket Path: " + ticket.CookiePath.ToString() +
"<br/><br/>");
sb.Append("Ticket Issue Date: " + ticket.IssueDate.ToString() +
"<br/><br/>");
sb.Append("Ticket Expires: " + ticket.Expiration.ToString() +
"<br/><br/>");
sb.Append("Ticket Expired: " + ticket.Expired.ToString() +
"<br/><br/>");
sb.Append("Ticket Is Persistent: " + ticket.IsPersistent.ToString() +
"<br/><br/>");
Response.Write(sb.ToString());
I am able to login okay, and it appears the expiration date seem to be
in effect, as the results of the above test page are:
----------------------------------------
Name: UserID
Value:
E3099CA828B03D405118E120E7F47A2E0C9F3BAC50961AB996E2E681BFA6CB282D1BE0E214F69E035CF635D867A9D02DE0AF2F70EC40389505E53C71B2E28A0E
Domain:
Path: /
HasKeys: False
Expires: 1/1/0001 12:00:00 AM
Name: ASP.NET_SessionId
Value: yyvr3w55ryhmmyugovdllxex
Domain:
Path: /
HasKeys: False
Expires: 1/1/0001 12:00:00 AM
Ticket Name: 1
Ticket Path: /
Ticket Issue Date: 9/27/2006 5:35:27 PM
Ticket Expires: 9/30/2006 5:35:27 PM
Ticket Expired: False
Ticket Is Persistent: False
As you can see, the ticket is set to expire in 72 hours. However, after
about 20-30 minutes of inactivity, my ticket appears to expire -- I am
redirected to the login page, and the test page throws an error because
User.Identity is null.
What am I missing?
Thanks in advance,
Alyssa
I am trying set up my site so that once a user logs in, they stay
logged in for 72 hours unless they close their browser.
I have the following in place:
(web.config)
-----------------
<system.web>
<sessionState timeout="4320" />
<httpRuntime maxRequestLength="102400" executionTimeout="180" />
<authentication mode="Forms">
<forms loginUrl="signin.aspx" name="UserID" timeout="4320"
slidingExpiration="true" path="/">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
</system.web>
(signin.aspx)
-------------------
FormsAuthentication.RedirectFromLoginPage(myUserID, false);
I also have a test page that tells me some cookie/ticket info:
(test.aspx)
-------------------
StringBuilder sb = new StringBuilder();
HttpCookieCollection cookies = Request.Cookies;
for (int i = 0; i < cookies.Count; i++)
{
sb.Append("Name: " + cookies.Name + "<br/>");
sb.Append("Value: " + cookies.Value + "<br/>");
sb.Append("Domain: " + cookies.Domain + "<br/>");
sb.Append("Path: " + cookies.Path + "<br/>");
sb.Append("HasKeys: " + cookies.HasKeys + "<br/>");
sb.Append("Expires: " + cookies.Expires.ToString() +
"<br/><br/>");
}
FormsIdentity id = (FormsIdentity)User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
sb.Append("Ticket Name: " + ticket.Name.ToString() + "<br/><br/>");
sb.Append("Ticket Path: " + ticket.CookiePath.ToString() +
"<br/><br/>");
sb.Append("Ticket Issue Date: " + ticket.IssueDate.ToString() +
"<br/><br/>");
sb.Append("Ticket Expires: " + ticket.Expiration.ToString() +
"<br/><br/>");
sb.Append("Ticket Expired: " + ticket.Expired.ToString() +
"<br/><br/>");
sb.Append("Ticket Is Persistent: " + ticket.IsPersistent.ToString() +
"<br/><br/>");
Response.Write(sb.ToString());
I am able to login okay, and it appears the expiration date seem to be
in effect, as the results of the above test page are:
----------------------------------------
Name: UserID
Value:
E3099CA828B03D405118E120E7F47A2E0C9F3BAC50961AB996E2E681BFA6CB282D1BE0E214F69E035CF635D867A9D02DE0AF2F70EC40389505E53C71B2E28A0E
Domain:
Path: /
HasKeys: False
Expires: 1/1/0001 12:00:00 AM
Name: ASP.NET_SessionId
Value: yyvr3w55ryhmmyugovdllxex
Domain:
Path: /
HasKeys: False
Expires: 1/1/0001 12:00:00 AM
Ticket Name: 1
Ticket Path: /
Ticket Issue Date: 9/27/2006 5:35:27 PM
Ticket Expires: 9/30/2006 5:35:27 PM
Ticket Expired: False
Ticket Is Persistent: False
As you can see, the ticket is set to expire in 72 hours. However, after
about 20-30 minutes of inactivity, my ticket appears to expire -- I am
redirected to the login page, and the test page throws an error because
User.Identity is null.
What am I missing?
Thanks in advance,
Alyssa