HELP: Constantly expiring cookie!!! :(

Discussion in 'ASP .Net Security' started by VB Programmer, Nov 3, 2003.

  1. I have a login page that creates a cookie. The expiration time (in seconds)
    is in a string in web.config. The problem is that I have to keep logging
    in after only a few minutes. Any ideas? Here's portions of my cookie
    code...

    Dim ctxMyContext As HttpContext = HttpContext.Current
    Dim fatTicket As New FormsAuthenticationTicket( _
    1, txtUserName.Text.ToUpper.Trim, DateTime.Now, _
    DateTime.Now.AddMinutes(30), False, strUserData)
    Dim strCookieValue As String =
    FormsAuthentication.Encrypt(fatTicket)
    Dim cookieMyCookie As HttpCookie = New
    HttpCookie(FormsAuthentication.FormsCookieName)
    Dim strReturnUrl As String

    ' Create custom cookie
    With cookieMyCookie
    .Path = FormsAuthentication.FormsCookiePath
    .Value = strCookieValue
    .Expires =
    DateTime.Now.AddMinutes(CType(ConfigurationSettings.AppSettings("CookieExpir
    ationMinutes"), Double))
    End With
    ctxMyContext.Response.Cookies.Add(cookieMyCookie)

    Thanks,
    Robert
     
    VB Programmer, Nov 3, 2003
    #1
    1. Advertisements

  2. VB Programmer

    Andre Guest

    If you use an absolute date as a expiration date, this
    date is set by the server, in the server's timezone.

    Cookie expiration is in a way handle by the client. The
    browser decides whether to include the cookie in the
    request send to the server. It does so if the expiration
    date is ahead of the client date.

    If the server is in a different timezone it can be
    problematic.
     
    Andre, Nov 8, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.