RedirectFromLoginPage persistent cookie expiration

Discussion in 'ASP .Net Security' started by jester, Nov 29, 2004.

  1. jester

    jester Guest

    Passing true for the second parameter of RedirectFromLoginPage creates a
    persistent cookie. When does this cookie expire?
     
    jester, Nov 29, 2004
    #1
    1. Advertising

  2. jester

    John Paul. A Guest

    Hi jester,
    Please check your config file. If everything goes right, please check the
    security settings for the dll.
    Rgds,
    John Paul. A

    "jester" wrote:

    >
    > Passing true for the second parameter of RedirectFromLoginPage creates a
    > persistent cookie. When does this cookie expire?
    >
     
    John Paul. A, Nov 29, 2004
    #2
    1. Advertising

  3. jester

    John Paul. A Guest

    Hi jester,
    Please ignore my previous reply, becoz my reply to DPAPI has come here.

    Regarding the RedirectFromLoginPage - persistent cookie, you can control the
    expiration date, it is also a good practice too..
    Here how you can do?

    If persistentCookie And expirationDays > 0 Then
    ' Get a reference to the cookie just created.
    Dim cookie As HttpCookie = Response.Cookies _
    (FormsAuthentication.FormsCookieName)
    ' Set its expiration date.
    cookie.Expires = Now.AddDays(expirationDays)
    ' Ensure the cookie can travel only over https.
    'cookie.Secure = True
    End If

    Rgds,
    John Paul. A


    "jester" wrote:

    >
    > Passing true for the second parameter of RedirectFromLoginPage creates a
    > persistent cookie. When does this cookie expire?
    >
     
    John Paul. A, Nov 29, 2004
    #3
  4. jester

    jester Guest

    But what would be the default cookie expiration if I don't set it explicitly?

    "John Paul. A" wrote:

    > Hi jester,
    > Please ignore my previous reply, becoz my reply to DPAPI has come here.
    >
    > Regarding the RedirectFromLoginPage - persistent cookie, you can control the
    > expiration date, it is also a good practice too..
    > Here how you can do?
    >
    > If persistentCookie And expirationDays > 0 Then
    > ' Get a reference to the cookie just created.
    > Dim cookie As HttpCookie = Response.Cookies _
    > (FormsAuthentication.FormsCookieName)
    > ' Set its expiration date.
    > cookie.Expires = Now.AddDays(expirationDays)
    > ' Ensure the cookie can travel only over https.
    > 'cookie.Secure = True
    > End If
    >
    > Rgds,
    > John Paul. A
    >
    >
    > "jester" wrote:
    >
    > >
    > > Passing true for the second parameter of RedirectFromLoginPage creates a
    > > persistent cookie. When does this cookie expire?
    > >
     
    jester, Nov 30, 2004
    #4
  5. jester

    John Paul. A Guest

    Dear jester,
    The default time-out limit is 20 minutes.
    Please see the Microsoft documentation "Configuring ASP.NET Applications to
    Use the Appropriate Session State"

    http://www.microsoft.com/resources/...2003/all/deployguide/en-us/iisdg_net_mshe.asp

    Sorry.. The URL is bit long...

    Rgds,
    John Paul. A

    "jester" wrote:

    >
    > But what would be the default cookie expiration if I don't set it explicitly?
    >
    > "John Paul. A" wrote:
    >
    > > Hi jester,
    > > Please ignore my previous reply, becoz my reply to DPAPI has come here.
    > >
    > > Regarding the RedirectFromLoginPage - persistent cookie, you can control the
    > > expiration date, it is also a good practice too..
    > > Here how you can do?
    > >
    > > If persistentCookie And expirationDays > 0 Then
    > > ' Get a reference to the cookie just created.
    > > Dim cookie As HttpCookie = Response.Cookies _
    > > (FormsAuthentication.FormsCookieName)
    > > ' Set its expiration date.
    > > cookie.Expires = Now.AddDays(expirationDays)
    > > ' Ensure the cookie can travel only over https.
    > > 'cookie.Secure = True
    > > End If
    > >
    > > Rgds,
    > > John Paul. A
    > >
    > >
    > > "jester" wrote:
    > >
    > > >
    > > > Passing true for the second parameter of RedirectFromLoginPage creates a
    > > > persistent cookie. When does this cookie expire?
    > > >
     
    John Paul. A, Dec 1, 2004
    #5
  6. jester

    jester Guest

    Thanks, John Paul.

    "John Paul. A" wrote:

    > Dear jester,
    > The default time-out limit is 20 minutes.
    > Please see the Microsoft documentation "Configuring ASP.NET Applications to
    > Use the Appropriate Session State"
    >
    > http://www.microsoft.com/resources/...2003/all/deployguide/en-us/iisdg_net_mshe.asp
    >
    > Sorry.. The URL is bit long...
    >
    > Rgds,
    > John Paul. A
    >
    > "jester" wrote:
    >
    > >
    > > But what would be the default cookie expiration if I don't set it explicitly?
    > >
    > > "John Paul. A" wrote:
    > >
    > > > Hi jester,
    > > > Please ignore my previous reply, becoz my reply to DPAPI has come here.
    > > >
    > > > Regarding the RedirectFromLoginPage - persistent cookie, you can control the
    > > > expiration date, it is also a good practice too..
    > > > Here how you can do?
    > > >
    > > > If persistentCookie And expirationDays > 0 Then
    > > > ' Get a reference to the cookie just created.
    > > > Dim cookie As HttpCookie = Response.Cookies _
    > > > (FormsAuthentication.FormsCookieName)
    > > > ' Set its expiration date.
    > > > cookie.Expires = Now.AddDays(expirationDays)
    > > > ' Ensure the cookie can travel only over https.
    > > > 'cookie.Secure = True
    > > > End If
    > > >
    > > > Rgds,
    > > > John Paul. A
    > > >
    > > >
    > > > "jester" wrote:
    > > >
    > > > >
    > > > > Passing true for the second parameter of RedirectFromLoginPage creates a
    > > > > persistent cookie. When does this cookie expire?
    > > > >
     
    jester, Dec 2, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brian

    Cookie Expiration

    Brian, Jul 28, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    430
    Brian
    Jul 28, 2003
  2. =?Utf-8?B?T2xlZyBMZWlraW4=?=

    COOKIE EXPIRATION TIME

    =?Utf-8?B?T2xlZyBMZWlraW4=?=, Aug 1, 2004, in forum: ASP .Net
    Replies:
    15
    Views:
    1,153
    Scott M.
    Aug 4, 2004
  3. =?Utf-8?B?QmlsbCBCb3Jn?=

    Trying to understand ticket/cookie expiration

    =?Utf-8?B?QmlsbCBCb3Jn?=, Oct 8, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    363
    =?Utf-8?B?QmlsbCBCb3Jn?=
    Oct 8, 2004
  4. =?Utf-8?B?QmlsbCBCb3Jn?=

    What relationship between cookie and ticket expiration?

    =?Utf-8?B?QmlsbCBCb3Jn?=, Dec 22, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    388
    =?Utf-8?B?QmlsbCBCb3Jn?=
    Dec 23, 2004
  5. gk
    Replies:
    7
    Views:
    1,004
    Tom Anderson
    Oct 12, 2010
Loading...

Share This Page