473,569 Members | 2,683 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Cookies, sessions and timeouts

Just when you figure out one problem another one shows up.

I am trying to set up authentication for one of my folders and can't seem to
get it to work as advertised (I am sure I am missing something).

I want to set it up as sessionless. If I can't get that to work, I would
like to get the Timeout period to work correctly.

Here is my web.config file:

*************** *************** *************** ****
<configuratio n>
<system.web>
<sessionState cookieless="tru e" />
<customErrors mode="Off" />
<authenticati on mode="Forms">
<forms name="SECAUTH" loginUrl="vdw/password.aspx" protection="Non e"
timeout="1">
<credentials />
</forms>
</authentication>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</configuration>
*************** *************** *************** ****

I have cookieless set to true (no cookies) and the timeout set to 1 minute.
The program not only is creating cookies, but apparently when I look at when
it expires - it is in 2054 (50 years from now).

What is going on here?

How can I set it to drop the cookie when the browser ends? That would work
also.

Thanks,

Tom.
Nov 18 '05 #1
1 1549
"Jenni Parks" <Je********@dis cussions.micros oft.com> wrote in message
news:A6******** *************** ***********@mic rosoft.com...
How long ago did you make the change to your web.config? Often changes you've immediately made are not evidenced until you either recycle their
application pool [if on a windows 2003 box] or kill the .net process their
app is running under [if on windows 2000 box] or delete the .net temp files
previously placed in the microsoft .net temporary files directory.
Actually I did this 2 days ago, and I just started my computer and didn't
get the login page (when I delete the cookie, however, I will).

Where is the .net temporary files folder located?
Also are you coding in .NET 1.0 or .NET 1.1? Do you have a url where I can replicate your problem?

Where do I find this? I am not sure which we are running?

I don't really have a URL to check as this is an intranet.
Here is some of the pages and the URL we are getting, instead of the logon
page:

Here is the web.config file in my Contour folder (root)

<configuratio n>
<appSettings>
<add key="MM_CONNECT ION_HANDLER_Con tour_Server_ope nworx"
value="sqlserve r.htm" />
<add key="MM_CONNECT ION_STRING_Cont our_Server_open worx" value="Persist
Security Info=False;Data Source=Raptor;I nitial Catalog=openwor x;User
ID=tfs;Password =tfstom;Network Library =dbmssocn" />
<add key="MM_CONNECT ION_DATABASETYP E_Contour_Serve r_openworx"
value="SQLServe r" />
<add key="MM_CONNECT ION_SCHEMA_Cont our_Server_open worx" value="" />
<add key="MM_CONNECT ION_CATALOG_Con tour_Server_ope nworx" value="" />
<add key="MM_CONNECT ION_HANDLER_Con tour_Server" value="sqlserve r.htm" />
<add key="MM_CONNECT ION_STRING_Cont our_Server" value="Persist Security
Info=False;Data Source=Raptor;I nitial Catalog=VDW;Use r
ID=tfs;Password =tfstom;Network Library =dbmssocn" />
<add key="MM_CONNECT ION_DATABASETYP E_Contour_Serve r" value="SQLServe r" />
<add key="MM_CONNECT ION_SCHEMA_Cont our_Server" value="" />
<add key="MM_CONNECT ION_CATALOG_Con tour_Server" value="" />
</appSettings>
<system.web>
<sessionState cookieless="tru e" timeout="5" />
<customErrors mode="Off" />
<authenticati on mode="Forms">
<forms name="SECAUTH" loginUrl="vdw/password.aspx" protection="Non e"
timeout="1">
<credentials />
</forms>
</authentication>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</configuration>

Here is the web.config file in my VDW folder (under the Contour folder).

<configuratio n>
<system.web>
<authorizatio n>
<deny users="?" />
</authorization>
</system.web>
</configuration>

Here is the web page I get that should go to the Login page, but doesn't. I
am curious what the (3oyjlp55x3lom5 egc04sp045) is all about - it is not a
folder.

http://192.168.122.55/contour/(3oyjl...DWXferStatus.a
spx

This is the cookie that never gets deleted. When I delete it, I get the
login page, and the cookie is back (even though I have this set as
cookieless in my web.config file in the root) and never goes away.

tf*@192.168.122[1].txt

Here is the cookie contents.

SECAUTH
515A4809B01E438 401740066005000 610073007300770 06F00720064002E 00760061006C007 5
006500000070179 B202A59C4010170 9761B48167FC010 0002F000000
192.168.122.55/
1536
3022544640
33318785
547494992
29645098
*

Here is the results from my web page that looks at the cookie You'll notice
the expiration date of 2054 as well as the persistant value..

tfPassword.valu e
Cookie Path: /

Expiration: 6/23/2054 6:58:14 AM

Expired: False

IsPersistent: True

IssueDate: 6/23/2004 6:58:14 AM

UserData:

Version: 1
Here is the web page I that gave me this result (you'll notice there is no
name being displayed).

Sub Page_Load
Dim objUserIdentity As FormsIdentity
Dim objTicket As FormsAuthentica tionTicket

If User.Identity.I sAuthenticated Then
objUserIdentity = User.Identity
objTicket = objUserIdentity .Ticket
lblName.Text = objUserIdentity .Name
lblPath.Text = objTicket.Cooki ePath
lblExpiration.T ext = objTicket.Expir ation
lblExpired.Text = objTicket.Expir ed
lblIsPersistent .Text = objTicket.IsPer sistent
lblIssueDate.Te xt = objTicket.Issue Date
lblUserData.Tex t = objTicket.UserD ata
lblVersion.Text = objTicket.Versi on
Else
lblName.Text = "Who Are You?"
End If
End Sub

</Script>

<html>
<head><title>Fo rmsIdentity.asp x</title>
<body>

<asp:Label
ID="lblName"
Font-Size="18pt"
Font-Bold="True"
Runat="Server" />
<p>
Cookie Path:
<asp:Label
ID="lblPath"
Font-Size="18pt"
Font-Bold="True"
Runat="Server" />
<p>
Expiration:
<asp:Label
ID="lblExpirati on"
Runat="Server" />
<p>
Expired:
<asp:Label
ID="lblExpired "
Runat="Server" />
<p>
IsPersistent:
<asp:Label
ID="lblIsPersis tent"
Runat="Server" />
<p>
IssueDate:
<asp:Label
ID="lblIssueDat e"
Runat="Server" />
<p>
UserData:
<asp:Label
ID="lblUserData "
Runat="Server" />
<p>
Version:
<asp:Label
ID="lblVersion "
Runat="Server" />

</body>
</html>

Thanks,

Tom
Best Regards,

Jennifer M.G. Parks

Application Dev & Sr Tech Support
Activehost Corporation
Web site: http://www.activehost.com
Technical Support: http://www.activehost.com/support
(518) 372.2842 x230
(518) 372.5349 fax

Considering Activehost? Read what our customers have to say about us.
http://www.actionjackson.com/hosts/h....asp?HostID=27
"Thomas Scheiderich" wrote:
Just when you figure out one problem another one shows up.

I am trying to set up authentication for one of my folders and can't seem to get it to work as advertised (I am sure I am missing something).

I want to set it up as sessionless. If I can't get that to work, I would like to get the Timeout period to work correctly.

Here is my web.config file:

*************** *************** *************** ****
<configuratio n>
<system.web>
<sessionState cookieless="tru e" />
<customErrors mode="Off" />
<authenticati on mode="Forms">
<forms name="SECAUTH" loginUrl="vdw/password.aspx" protection="Non e"
timeout="1">
<credentials />
</forms>
</authentication>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</configuration>
*************** *************** *************** ****

I have cookieless set to true (no cookies) and the timeout set to 1 minute. The program not only is creating cookies, but apparently when I look at when it expires - it is in 2054 (50 years from now).

What is going on here?

How can I set it to drop the cookie when the browser ends? That would work also.

Thanks,

Tom.

Nov 18 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
5
3178
Check for cookies
by: TG | last post by:
This is more of a pain than I thought it would be. I need a simple code segment to determine whether a browser accepts cookies or not. When I pass variables between pages when cookies are turned off, the global variables are empty between pages, fine, that tells me cookies store the global variables - right? I store the values in $_session and...
PHP
1
2806
cookies and sessions
by: windandwaves | last post by:
Hi Gurus I am basically sorry that I have to bother you about this. I am a PHP beginner and I have been studying sessions and cookies over the last few weeks. I have learned lots, but I am missing the big picture. Is it like this: 1. user comes to site 2. user does something (e.g. a search) that may be useful later => session
PHP
4
3246
Monitoring logged-in users with sessions: autologoff
by: vesely | last post by:
Hi all, I'm currently relying on logged-in users hitting "logout" (logoff) before they leave, in order to terminate the session. With PHP the session filename is in a cookie that lasts for the current session. The problem is that the server does not know when the current session expires. (I have quite long timeouts.) Did anybody attempt...
PHP
2
3328
Cookies , Session Which is Better ? and Global.asa Question
by: Amit D.Shinde | last post by:
Hello Experts.. I need some help regarding cookies and session objects and also global.asa file I am creating one cookie when a user logs in on my website. The cookie stores the login name of the user. I want that cookie should get deleted when user closes the browser without signing out. I think it is done in global.asa file . But i...
ASP / Active Server Pages
7
1992
session cookies
by: Marcus | last post by:
I know that when you start a session in PHP, the "cookie" it creates is not the same as those that are stored in your browser's temp folder, and instead is kept in RAM. I am confused because in every session tutorial I have ever read, the author invariably mentions the 2 main ways of propagating sessions - through cookies and appended to the...
PHP
7
3325
sessions vs cookies
by: Atte André Jensen | last post by:
Hi I'm developing a site where I'd like to store information during a users visit. So far I've been using sessions, but as far as I can tell it's not possible to control for how long a session is valid. It seems that these information are valid until the browser closes. On the other hand it's possible to set expiration time for cookies. ...
PHP
1
4451
Authentication Cookie not in Request.Cookies
by: Joe | last post by:
In ASP.NET 1.1 I could detected expired form authentication tickets (which closely coincide with my expired session) by checking for the Authentication Cookie when the login screen loads. If the cookie exists, then decrypt the forms auth. ticket and check to see if it is expired. If so display a message to the user letting them know why they...
ASP.NET
5
5554
Why Do PHP Cookies and Sessions Work Even When Cookies Are Disabled?
by: jheines | last post by:
I am trying to explain how cookies and sessions work in a class I teach, but I have hit a wall when it comes to the interaction between cookies and the state of the privacy settings in Internet Explorer. I would appreciate any help anyone can offer, please. First, consider the following very simple JavaScript function: function...
PHP
8
2749
sessions - with or without cookies
by: Chuck Anderson | last post by:
I've instituted a sessions based scheme on my web site to combat hot linking to my images. When someone requests a page at my site, I set a session variable. I then use htaccess to redirect *all* image requests to a Php script that checks for that variable before simply delivering the image. Direct links to my images will fail this test and...
PHP
0
7698
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
General
0
7612
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
Windows Server
1
7673
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
Windows Server
0
7970
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
General
0
6284
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5513
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
5219
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3640
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
2113
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us