T
tfs
I have a web program that is using formauthentication.
My web.config file is
<configuration>
<appSettings>
<add key="MM_CONNECTION_HANDLER_ServerDino"
value="sqlserver.htm" />
<add key="MM_CONNECTION_STRING_ServerDino"
value="Persist Security Info=False;Data Source=Dino;Initial
Catalog=KrystalClear;User ID=sa;Password=;" />
<add key="MM_CONNECTION_DATABASETYPE_ServerDino"
value="SQLServer" />
<add key="MM_CONNECTION_SCHEMA_ServerDino"
value="" />
<add key="MM_CONNECTION_CATALOG_ServerDino"
value="" />
</appSettings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="SECAUTH" loginUrl="login.aspx"
timeout="5">
<credentials />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Here is the cookie that shows up in my cookies file:
My login page works correctly and gets redirected correctly. After
that, when I go to my pages it doesn't go to the login page (which it
shouldn't).
The problem is 20 minutes later, it still doesn't go to the login page
and the cookie is still there. I thought the timeout was supposed to
delete the cookie after the timeout period - it doesn't.
I did read that it doesn't work for persistant cookies. If this is
the case, how do I make time "not persistant"?
Thanks,
Tom.
My web.config file is
<configuration>
<appSettings>
<add key="MM_CONNECTION_HANDLER_ServerDino"
value="sqlserver.htm" />
<add key="MM_CONNECTION_STRING_ServerDino"
value="Persist Security Info=False;Data Source=Dino;Initial
Catalog=KrystalClear;User ID=sa;Password=;" />
<add key="MM_CONNECTION_DATABASETYPE_ServerDino"
value="SQLServer" />
<add key="MM_CONNECTION_SCHEMA_ServerDino"
value="" />
<add key="MM_CONNECTION_CATALOG_ServerDino"
value="" />
</appSettings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="SECAUTH" loginUrl="login.aspx"
timeout="5">
<credentials />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Here is the cookie that shows up in my cookies file:
SECAUTH
83159EFF5FD04C3A8A3272D2C6151C78A65430DBE1658371985286A3783646794F635ECF099CFE328AE3CC6FFBB5A02FD715454B1B3809D149271818E24E972345362A0E5E1BF67D28044A511AA5BF59B4ECC2E3AA8CAA4D
192.168.122.55/
1536
1961189632
33319508
3778607280
29645820
*
My login page works correctly and gets redirected correctly. After
that, when I go to my pages it doesn't go to the login page (which it
shouldn't).
The problem is 20 minutes later, it still doesn't go to the login page
and the cookie is still there. I thought the timeout was supposed to
delete the cookie after the timeout period - it doesn't.
I did read that it doesn't work for persistant cookies. If this is
the case, how do I make time "not persistant"?
Thanks,
Tom.