Re: Non persistent cookie timeout?

Belle,

Just after you create your cooke and before you add it to the response use

authCookie.Expires = DateTime.Now.AddMinutes(10);


--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
<bashful.belle@xxxxxxxxx> wrote in message
news:1137033448.646948.236000@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> I'm using Forms authentication and a non persistent cookie in my
> asp.net application.
> How do i get the cookie to time out after a period of inactivity, say
> 10 minutes, and force the user to login again?
> If I close the browser, the next time I use the application, it makes
> me log in - and That's fine.
> However if I keep the browser session open, it keeps my login valid for
> as long as the browser is open - I want it to time out.
> Specifying the timeout value in the web.config seems to have no effect.
> any pointers? Code appended. Thanks!
>
> <authentication mode="Forms">
> <forms loginUrl="logon.aspx" name = "portal" timeout="10"
> slidingExpiration="true" protection="All" path="/">
> </forms>
> </authentication>
>
>
> // Create the authetication ticket
> FormsAuthenticationTicket authTicket = new
> FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
> DateTime.Now.AddMinutes(10),false, "");
>
> // Now encrypt the ticket.
> string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
>
> // Create a cookie and add the encrypted ticket
> HttpCookie authCookie = new
> HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
>
> // Add the cookie to the outgoing cookies collection.
> Response.Cookies.Add(authCookie);
> Session.Add("Login", txtUserName.Text);
> Session.Add("Group",Group);
>
> Page.SmartNavigation = false;
> //Redirect the user to the originally requested page
> Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,false));
>


.

Relevant Pages

  • Need Help Understanding How To Add "Groups" Feature to Web Site
    ... // Now encrypt the ticket. ... // Create a cookie and add the encrypted ticket to the ... (FormsAuthentication.FormsCookieName, encryptedTicket); ... FormsAuthenticationTicket authTicket = null; ...
    (microsoft.public.dotnet.framework)
  • Re: Changing windows passwords remotely
    ... Find great Windows Forms articles in Windows Forms Tips and Tricks ... > //Create the ticket, and add the groups. ... > String encryptedTicket = FormsAuthentication.Encrypt; ... > //Create a cookie, and then add the encrypted ticket to the ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Changing windows passwords remotely
    ... > //Create the ticket, and add the groups. ... > DateTime.Now, DateTime.Now.AddMinutes, isCookiePersistent, ... > String encryptedTicket = FormsAuthentication.Encrypt; ... > //Create a cookie, and then add the encrypted ticket to the ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Changing windows passwords remotely
    ... about how to proceed or a web resource that dicusses the subject. ... //Create the ticket, and add the groups. ... String encryptedTicket = FormsAuthentication.Encrypt; ... //Create a cookie, and then add the encrypted ticket to the ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Form Authentication Ticket
    ... The auth ticket is in essence the user's name encrypted in the cookie. ... other sensitive data into a cookie so the browser passes it back every time. ... > generating authentication ticket, encrypt it, create a cookie, and add ...
    (microsoft.public.dotnet.framework.aspnet.security)