formsauthentication timeout & session timeout

Discussion in 'ASP .Net' started by =?Utf-8?B?Q3JhaWc=?=, Aug 10, 2005.

  1. I'm using FormsAuthentication. If the session restarts, obviously the
    session variables are cleared, but the security ticket is still active.
    Since I use variables in the Session to determine what data is displayed on
    the page (for example I store the username variable in Session and display
    the users specific data), I need to have either the security ticket signed
    out if/when the session restarts, so I can have the user sign in again, so
    that I can get the user specific data and place it in the Session object.
    Have I designed my application incorrectly?
    If this is an acceptable design, what is the solution?
    =?Utf-8?B?Q3JhaWc=?=, Aug 10, 2005
    #1
    1. Advertising

  2. A couple things you can do...

    1. If you are using the In-Process state server then you could probably put
    your code in the Session_End event and log the user out. When using
    out-of-process you don't have the Session_End event (it won't fire).

    2. Or, you probably have the username or customer key in the
    (HttpContext.Current.User.Identity.Name) value when you signed them in.

    FormsAuthenticationTicket(1, username,
    DateTime.Now,
    DateTime.Now.AddMinutes(60),
    false, string.Empty);

    You can use this to re-locate the user data from your database and rebuild
    the session.

    HTH
    --
    Ian


    "Craig" wrote:

    > I'm using FormsAuthentication. If the session restarts, obviously the
    > session variables are cleared, but the security ticket is still active.
    > Since I use variables in the Session to determine what data is displayed on
    > the page (for example I store the username variable in Session and display
    > the users specific data), I need to have either the security ticket signed
    > out if/when the session restarts, so I can have the user sign in again, so
    > that I can get the user specific data and place it in the Session object.
    > Have I designed my application incorrectly?
    > If this is an acceptable design, what is the solution?
    =?Utf-8?B?RU5JWklO?= .enizin.net>, Aug 10, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. .NET Follower

    Meaning Of Timeout in FormsAuthentication???

    .NET Follower, Feb 6, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    346
    .NET Follower
    Feb 6, 2004
  2. Danny
    Replies:
    1
    Views:
    1,320
    Craig Deelsnyder
    Jun 17, 2004
  3. tshad
    Replies:
    8
    Views:
    2,121
    =?Utf-8?B?UGF0cmljay5PLklnZQ==?=
    Jan 14, 2005
  4. =?Utf-8?B?Tmljaw==?=

    FormsAuthentication timeout and losing page state

    =?Utf-8?B?Tmljaw==?=, May 17, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    417
    Winista
    Jun 14, 2006
  5. =?Utf-8?B?Um9iSEs=?=
    Replies:
    4
    Views:
    5,233
    =?Utf-8?B?Um9iSEs=?=
    Apr 11, 2007
Loading...

Share This Page