472,958 Members | 1,611 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > forms authentications questions

Join Bytes to post your question to a community of 472,958 software developers and data experts.

Forms authentications questions

I have 2 questions:

1. I am trying to use forms authentication. When the user logs out, I
make these function
calls:
Session.Abandon();
FormsAuthentication.SignOut();
But after they log out, the user can (e.g. through the web history) go
and look at any pages that were already viewed when the session was
going on because of the cache. I don't want them to be able to do
that. So if I put the following function call in the Page_Load
function of every page, it fixes the problem:
Response.Cache.SetCacheability(HttpCacheability.No Cache);
Is it possible to do this globally so that it applies to every page in
the application rather than having to do it in every page?

2. I want the session to time out and for forms authentication to
automatically log the user out if they haven't done anything for a
while. So I set the Session.Timeout to something appropriate and it
times out great. I put the FormsAuthentication.SignOut() function call
inside the Session_End() function (which gets called properly when the
session times out), but it doesn't seem to log the user out of forms
authentication. The user can still view all the pages. How can I do
this?

Thanks in advnce
Nov 18 '05 #1
3 1495
Hello

The answer to the first question, is put the Response.Cache.SetCacheability
in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will
expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

"john" <jo********@yahoo.com> wrote in message
news:29*************************@posting.google.co m...
I have 2 questions:

1. I am trying to use forms authentication. When the user logs out, I
make these function
calls:
Session.Abandon();
FormsAuthentication.SignOut();
But after they log out, the user can (e.g. through the web history) go
and look at any pages that were already viewed when the session was
going on because of the cache. I don't want them to be able to do
that. So if I put the following function call in the Page_Load
function of every page, it fixes the problem:
Response.Cache.SetCacheability(HttpCacheability.No Cache);
Is it possible to do this globally so that it applies to every page in
the application rather than having to do it in every page?

2. I want the session to time out and for forms authentication to
automatically log the user out if they haven't done anything for a
while. So I set the Session.Timeout to something appropriate and it
times out great. I put the FormsAuthentication.SignOut() function call
inside the Session_End() function (which gets called properly when the
session times out), but it doesn't seem to log the user out of forms
authentication. The user can still view all the pages. How can I do
this?

Thanks in advnce

Nov 18 '05 #2
Thanks for the response. Your suggestions work! Is there any way I can
set the forms authentication timeout programatically rather than in
web.config?
"Sherif ElMetainy" <el*************@wayout.net.NOSPAM> wrote in message news:<eZ**************@TK2MSFTNGP10.phx.gbl>...
Hello

The answer to the first question, is put the Response.Cache.SetCacheability
in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will
expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

Nov 18 '05 #3
Hello

In this case, you have to manually issue the forms authentication ticket.
instead of RedirectFromLoginPage

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username, DateTime.Now, DateTime.Now.AddMinutes(formsTimeout), false, role);
string encTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie =
HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName];
if(cookie == null)
{
cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
HttpContext.Current.Response.Cookies.Add(cookie);
}
else
{
cookie.Value = encTicket;
}
string url = HttpContext.Current.Request.QueryString["ReturnUrl"];
if(url == null)
{
url = "Default.aspx";
}
HttpContext.Current.Response.Redirect(url, true);

Best regards,
Sherif

"john" <jo********@yahoo.com> wrote in message
news:29**************************@posting.google.c om...
Thanks for the response. Your suggestions work! Is there any way I can
set the forms authentication timeout programatically rather than in
web.config?
"Sherif ElMetainy" <el*************@wayout.net.NOSPAM> wrote in message

news:<eZ**************@TK2MSFTNGP10.phx.gbl>...
Hello

The answer to the first question, is put the Response.Cache.SetCacheability in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

Nov 18 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
Deploying a Windows Forms App that uses Web Services.
by: Chris Dunaway | last post by:
A quick scan of the group did not immediately reveal an answer to my questions so here goes. First let me describe my app and then I'll ask the questions. I am writing a Windows Forms App (not...
ASP.NET
6
Forms Authentication not working on server
by: Russell | last post by:
Hello there, keywords so you can find this message: russell mccloy server forms authentication InvalidCastException not working after login logon We have an issue with Forms Authentication. I...
ASP.NET
1
How to config the web.config for both Internal and External users using Windows and Forms Authentication?
by: ABC | last post by:
I have a new project which is a web site used by Internal and External users (login required users) and public users (no login required users). On internal users, all users login network using...
ASP.NET
20
Multiple simulataneous forms in a sinlge application
by: Peter Oliphant | last post by:
How does one launch multiple forms in an application? Using Photoshop as an example, this application seems to be composed of many 'disjoint' forms. Yet, they all seem somewhat 'active' in...
.NET Framework
1
Forms - Splitting Questions & Design
by: robertmeyer1 | last post by:
Hi, I have 3 tables set up. tblQuestion, tblAnswer, tblClient. I have them linked together and have a sbf and mainform set up for data entry. The sbf links the questions and answers together. ...
Microsoft Access / VBA
1
Problem Opening Forms
by: robertmeyer1 | last post by:
Hey, I am having a problem with opening some forms. I have several forms. The forms are based off the same table, tblClient. Each form has a sbf inserted into it. These sbf’s are each based...
Microsoft Access / VBA
5
Can I open forms randomly?
by: EManning | last post by:
Using A2K. I've got a request to develop a database consisting of survey questions. There are 2 sets of questions, set A and set B. A has 12 questions, B has 11. The requester of this database...
Microsoft Access / VBA
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
0
React to native button blinking effect
by: lllomh | last post by:
Define the method first this.state = { buttonBackgroundColor: 'green', isBlinking: false, // A new status is added to identify whether the button is blinking or not } autoStart=()=>{
Software Development
2
Windows 11 and Access Combo Box Issue
by: DJRhino | last post by:
Was curious if anyone else was having this same issue or not.... I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
Microsoft Access / VBA
0
tracyyun
Can faster file sharing be achieved by connecting computers simultaneously via WiFi and LAN cables
by: tracyyun | last post by:
Hello everyone, I have a question and would like some advice on network connectivity. I have one computer connected to my router via WiFi, but I have two other computers that I want to be able to...
Networking - Hardware / Configuration
2
Energy Model code modification to account for year dependent interest rate
by: giovanniandrean | last post by:
The energy model is structured as follows and uses excel sheets to give input data: 1-Utility.py contains all the functions needed to calculate the variables and other minor things (mentions...
Python
1
Report value list
by: Teri B | last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course. 0ne-to-many. One course many roles. Then I created a report based on the Course form and...
Microsoft Access / VBA
0
isladogs
Access Europe Meeting - Wed 1 Nov - Using SQL Server skills to extend Access
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 1 Nov 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM) Please note that the UK and Europe revert to winter time on...
Microsoft Access / VBA
3
Finding a record, and then saving a new record after the record has been amended.
by: nia12 | last post by:
Hi there, I am very new to Access so apologies if any of this is obvious/not clear. I am creating a data collection tool for health care employees to complete. It consists of a number of...
Microsoft Access / VBA
0
isladogs
Access Europe Meeting - Wed 6 Dec - Streamline Your Import/Export Spec Workflow with VBA Classes
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
Microsoft Access / VBA
2
Take a Database to the Next Level
by: GKJR | last post by:
Does anyone have a recommendation to build a standalone application to replace an Access database? I have my bookkeeping software I developed in Access that I would like to make available to other...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2023
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!