T
tfs
I have a web program that is using formauthentication.
My web.config file is
<configuration>
<appSettings>
<add key="MM_CONNECTION_HANDLER_ServerDino"
value="sqlserver.htm" />
<add key="MM_CONNECTION_STRING_ServerDino"
value="Persist Security Info=False;Data Source=Dino;Initial
Catalog=KrystalClear;User ID=sa;Password=;" />
<add key="MM_CONNECTION_DATABASETYPE_ServerDino"
value="SQLServer" />
<add key="MM_CONNECTION_SCHEMA_ServerDino"
value="" />
<add key="MM_CONNECTION_CATALOG_ServerDino"
value="" />
</appSettings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="SECAUTH" loginUrl="login.aspx"
timeout="5">
<credentials />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Here is the cookie that shows up in my cookies file:
My login page works correctly and gets redirected correctly. After
that, when I go to my pages it doesn't go to the login page (which it
shouldn't).
The problem is 20 minutes later, it still doesn't go to the login page
and the cookie is still there. I thought the timeout was supposed to
delete the cookie after the timeout period - it doesn't.
I did read that it doesn't work for persistant cookies. If this is
the case, how do I make time "not persistant"?
Thanks,
Tom.
My web.config file is
<configuration>
<appSettings>
<add key="MM_CONNECTION_HANDLER_ServerDino"
value="sqlserver.htm" />
<add key="MM_CONNECTION_STRING_ServerDino"
value="Persist Security Info=False;Data Source=Dino;Initial
Catalog=KrystalClear;User ID=sa;Password=;" />
<add key="MM_CONNECTION_DATABASETYPE_ServerDino"
value="SQLServer" />
<add key="MM_CONNECTION_SCHEMA_ServerDino"
value="" />
<add key="MM_CONNECTION_CATALOG_ServerDino"
value="" />
</appSettings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="SECAUTH" loginUrl="login.aspx"
timeout="5">
<credentials />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Here is the cookie that shows up in my cookies file:
My login page works correctly and gets redirected correctly. After
that, when I go to my pages it doesn't go to the login page (which it
shouldn't).
The problem is 20 minutes later, it still doesn't go to the login page
and the cookie is still there. I thought the timeout was supposed to
delete the cookie after the timeout period - it doesn't.
I did read that it doesn't work for persistant cookies. If this is
the case, how do I make time "not persistant"?
Thanks,
Tom.