Re: login control persistent cookie problem

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

maybe we are miscommunicating...

I have several asp.net 1.1 apps that simply say:
FormsAuthentication.RedirectFromLoginPage(tbEmail.Text,
cbRememberMe.Checked)
and the cookie lasts forever. There is no timout setting in the web.config.
Iv'e doing this for years.

Persistent cookies are commonplace everywhere. My (any probably your)
amazon.com cookies last forever.

Maybe something has changed with the LoginControl.

--
Regards,
Gary Blakely
Dean Blakely & Associates
www.deanblakely.com
"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:Ap5mkVfwHHA.2148@xxxxxxxxxxxxxxxxxxxxxxxxx
Hi Gary,

From your description, you found that the "Login" control's "remember me"
setting doesn't work as expected(make the authentiation cookie
persisted),correct?

Based on my understanding, the Login Control's "RememberMe" property play
the same role as the second boolean parameter of the
FormsAuthentications.Authenticate(Or RedirectFromLoginPage) method. Here
is
the diassembled code of the LoginControl from reflector:

========================
private void AttemptLogin()
{
if ((this.Page == null) || this.Page.IsValid)
{
LoginCancelEventArgs e = new LoginCancelEventArgs();
this.OnLoggingIn(e);
if (!e.Cancel)
{
AuthenticateEventArgs args2 = new AuthenticateEventArgs();
this.OnAuthenticate(args2);
if (args2.Authenticated)
{
FormsAuthentication.SetAuthCookie(this.UserNameInternal,
this.RememberMeSet);
this.OnLoggedIn(EventArgs.Empty);
this.Page.Response.Redirect(this.GetRedirectUrl(), false);
}
else
{
this.OnLoginError(EventArgs.Empty);
if (this.FailureAction ==
LoginFailureAction.RedirectToLoginPage)
{

FormsAuthentication.RedirectToLoginPage("loginfailure=1");
}
ITextControl failureTextLabel = (ITextControl)
this.TemplateContainer.FailureTextLabel;
if (failureTextLabel != null)
{
failureTextLabel.Text = this.FailureText;
}
}
}
}
}
==========================

Also, for the authenticaiton ticket(cookie)'s timeout, as far as I know,
the only configuration option is in the web.config file's
<authentication>/<forms>/@timeout attribute. This controls the cookie's
timeout (when you use persistent cookie).

=============
<authentication mode="Windows">
<forms
...............
timeout="30"
.................>
........
</forms>
<passport redirectUrl="internal" />
</authentication>
==================

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================


This posting is provided "AS IS" with no warranties, and confers no
rights.



.

Relevant Pages

  • RE: How to add cookie with axWebBrowser
    ... for we need a cookie item to implement loading balance ... ByVal lpszCookieName As String, _ ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.vb.controls.internet)
  • RE: Forms Authentication - Sudden Redirect Failure on Login
    ... HttpCookie cookie = new HttpCookie ... Yields the problem on ALL platforms, the redirect does not happen. ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Setting Cookie.Expires
    ... As for the Cookie expire time, it does have been set on the cookie (you add ... Microsoft MSDN Online Support Lead ... from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: Forms Authentication
    ... The DNS entry for my domain was not set corrretly, ... This should have overcome the cookie ... authentication ticketis not correctly set to the domain your ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Some questions from a newbie
    ... I'm coming to the conclusion that we can freemount, ... great for uni practice. ... and a cookie to anyone who read the entire ... you should be riding without support in no time. ...
    (rec.sport.unicycling)