Re: Sessions and Forms Authentication Cookie
From: George Durzi (gdurzi_at_hotmail.com)
Date: 11/16/04
- Next message: Ben Strackany: "Re: request queue makes web app down"
- Previous message: bruce barker: "Re: Check if var is alphanumeric?"
- In reply to: Bijoy Naick: "Sessions and Forms Authentication Cookie"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 16 Nov 2004 11:49:48 -0700
You can also set the expiration time of the forms authentication cookie in
your web.config file.
I set it so it's the same as my session timeout.
"Bijoy Naick" <b_naick@yahoo.ca> wrote in message
news:OaV2jgAzEHA.1040@TK2MSFTNGP10.phx.gbl...
>I have a folder on my site secured with Forms Authentication. After the
>user
> is authenticated, I set a session level variable.
>
> The session time on the server is set to 20 mins. I am guessing the
> default
> expiry time for the Forms Authentication cookie is 30 mins? Is this
> correct?
>
> So after 20 mins, the session expires (assuming no user activity), but
> because the forms auth cookie is still alive, users are not redirected to
> the login page. The other pages are not able to read the session level
> variable cuz the session has already expired.
>
> How do I go about changing the forms cookie expiry time? I've seen a
> timeout
> attribute to the forms tag that is used in Web.Config.. Is this what I
> should be using?
>
>
- Next message: Ben Strackany: "Re: request queue makes web app down"
- Previous message: bruce barker: "Re: Check if var is alphanumeric?"
- In reply to: Bijoy Naick: "Sessions and Forms Authentication Cookie"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
