How long is the formsauthentication ticket valid

S

Swati

Hello

These questions may seem stupid but I am confused about the
formsauthentication ticket stuff. From what I know till now it is a
cookie/session variable ( I am still not sure which of the two).
1. When I use a FormsAuthentication.SetAuthCookie method I do not
specify a timeout. So how long is this valid.
2. Is this the same thing that I later access using
Contect.User.Identity?

Any help appreciated.

thnx,
Swati
 
A

avnrao

the timeout you specify in the web.config will be considered.

<authentication mode="Forms">
<forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx"
protection="All" path="/" timeout="30" />
</authentication>

the AuthCookie is stored as cookie (not a session variable) on the client.
each time you get a request to the server, you need to read this cookie and
populate your Context.User with a GenericPrinciple object created using this
cookie. This generally is done in Application_Authenticate method in
global.asax file.

more info :
http://support.microsoft.com/default.aspx?scid=kb;en-us;301240&Product=aspnet

hth,
Av.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top