S
Sebastien Roeckel
Hello
I have a problem with the authentication cookie timeout in a forms
authentication.
I've developed a Web application that uses forms authentication.
My web.config is configured for the authentication cookie to expire
after 30 minutes.
The login page asks for the user's credentials and if OK, writes the
authentication cookie (through the
FormsAuthentication.RedirectFromLoginPage method).
First I checked the presence of the cookie in a base page from which
all my web pages are derived --> the cookie timeout is correctly
handled (if nothing is done on the web site during 30 minutes, an
action on the web site redirects me to the login page).
Then I moved the cookie's presence verification from the base page to
the AuthenticateRequest method (in global.asax): by doing so, the
cookie timeout didn't seem to work anymore: I can log to the web site
and let the browser running overnight, the next morning I can browse
on the site as if I had logged in 5 minutes before.
The problem seems to come from the verification done in the
AuthenticateRequest method: has anybody an idea or can anybody help ?
Thank you very much
I have a problem with the authentication cookie timeout in a forms
authentication.
I've developed a Web application that uses forms authentication.
My web.config is configured for the authentication cookie to expire
after 30 minutes.
The login page asks for the user's credentials and if OK, writes the
authentication cookie (through the
FormsAuthentication.RedirectFromLoginPage method).
First I checked the presence of the cookie in a base page from which
all my web pages are derived --> the cookie timeout is correctly
handled (if nothing is done on the web site during 30 minutes, an
action on the web site redirects me to the login page).
Then I moved the cookie's presence verification from the base page to
the AuthenticateRequest method (in global.asax): by doing so, the
cookie timeout didn't seem to work anymore: I can log to the web site
and let the browser running overnight, the next morning I can browse
on the site as if I had logged in 5 minutes before.
The problem seems to come from the verification done in the
AuthenticateRequest method: has anybody an idea or can anybody help ?
Thank you very much