Two things - You would need to set the timeout:
<authenticati on mode="Forms">
<forms name=".YourAppC ookieName"
loginUrl="login .aspx"
protection="All "
timeout="60" '<--------here - Number of minutes until authentication
cookie expires.
path="/"
/>
</authentication>
Also - in your login page, when you have the redirection statement - if you
have:
FormsAuthentica tion.RedirectFr omLoginPage(txt UID.text, True) '<---- if you
set this to 'True", then it sets a permanent cookie, with an expiration date
about 50 years from it's creation date.
David Wier
http://aspnet101.com http://aspexpress.com
"Kian Goh" <ki************ @hotmail.com> wrote in message
news:eF******** ******@tk2msftn gp13.phx.gbl...
Hi there,
I am trying to use an entry level security for my resources website. I
followed the procedures in the MS published Self-Paced Training Kit,
everything seems working as expected. However, I found that the
authentication cookie never expires.
I thought the default timeout is 30 minutes. Please tell me if I miss any
step...
Thanks a lot,
Kian
<authenticati on mode="Forms">
<forms loginUrl="Resou rcesLogon.aspx" >
<credentials passwordFormat= "Clear">
<user name="kk" password="dd"/>
</credentials>
</forms>
</authentication>
<authorizatio n>
<deny users="?" /> <!--Deny all unauthenticated users-->
</authorization>