473,387 Members | 1,420 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > forms authentications questions

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Forms authentications questions

I have 2 questions:

1. I am trying to use forms authentication. When the user logs out, I
make these function
calls:
Session.Abandon();
FormsAuthentication.SignOut();
But after they log out, the user can (e.g. through the web history) go
and look at any pages that were already viewed when the session was
going on because of the cache. I don't want them to be able to do
that. So if I put the following function call in the Page_Load
function of every page, it fixes the problem:
Response.Cache.SetCacheability(HttpCacheability.No Cache);
Is it possible to do this globally so that it applies to every page in
the application rather than having to do it in every page?

2. I want the session to time out and for forms authentication to
automatically log the user out if they haven't done anything for a
while. So I set the Session.Timeout to something appropriate and it
times out great. I put the FormsAuthentication.SignOut() function call
inside the Session_End() function (which gets called properly when the
session times out), but it doesn't seem to log the user out of forms
authentication. The user can still view all the pages. How can I do
this?

Thanks in advnce
Nov 18 '05 #1
3 1532
Hello

The answer to the first question, is put the Response.Cache.SetCacheability
in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will
expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

"john" <jo********@yahoo.com> wrote in message
news:29*************************@posting.google.co m...
I have 2 questions:

1. I am trying to use forms authentication. When the user logs out, I
make these function
calls:
Session.Abandon();
FormsAuthentication.SignOut();
But after they log out, the user can (e.g. through the web history) go
and look at any pages that were already viewed when the session was
going on because of the cache. I don't want them to be able to do
that. So if I put the following function call in the Page_Load
function of every page, it fixes the problem:
Response.Cache.SetCacheability(HttpCacheability.No Cache);
Is it possible to do this globally so that it applies to every page in
the application rather than having to do it in every page?

2. I want the session to time out and for forms authentication to
automatically log the user out if they haven't done anything for a
while. So I set the Session.Timeout to something appropriate and it
times out great. I put the FormsAuthentication.SignOut() function call
inside the Session_End() function (which gets called properly when the
session times out), but it doesn't seem to log the user out of forms
authentication. The user can still view all the pages. How can I do
this?

Thanks in advnce

Nov 18 '05 #2
Thanks for the response. Your suggestions work! Is there any way I can
set the forms authentication timeout programatically rather than in
web.config?
"Sherif ElMetainy" <el*************@wayout.net.NOSPAM> wrote in message news:<eZ**************@TK2MSFTNGP10.phx.gbl>...
Hello

The answer to the first question, is put the Response.Cache.SetCacheability
in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will
expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

Nov 18 '05 #3
Hello

In this case, you have to manually issue the forms authentication ticket.
instead of RedirectFromLoginPage

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username, DateTime.Now, DateTime.Now.AddMinutes(formsTimeout), false, role);
string encTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie =
HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName];
if(cookie == null)
{
cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
HttpContext.Current.Response.Cookies.Add(cookie);
}
else
{
cookie.Value = encTicket;
}
string url = HttpContext.Current.Request.QueryString["ReturnUrl"];
if(url == null)
{
url = "Default.aspx";
}
HttpContext.Current.Response.Redirect(url, true);

Best regards,
Sherif

"john" <jo********@yahoo.com> wrote in message
news:29**************************@posting.google.c om...
Thanks for the response. Your suggestions work! Is there any way I can
set the forms authentication timeout programatically rather than in
web.config?
"Sherif ElMetainy" <el*************@wayout.net.NOSPAM> wrote in message

news:<eZ**************@TK2MSFTNGP10.phx.gbl>...
Hello

The answer to the first question, is put the Response.Cache.SetCacheability in the Application_BeginRequest.
As for the second question, FormsAuthentication timeout can be achieved
using the timeout attribute in the forms element in web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="30" slidingExpiration="true">
</authentication>

the default value is 30, the slidingExpiration makes the 30 minutes
renewable when the user keeps browsing the site, otherwise his session will expire as soon as the 30 minutes are over regardless of his activity

Best regards,
Sherif

Nov 18 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
Deploying a Windows Forms App that uses Web Services.
by: Chris Dunaway | last post by:
A quick scan of the group did not immediately reveal an answer to my questions so here goes. First let me describe my app and then I'll ask the questions. I am writing a Windows Forms App (not...
ASP.NET
6
Forms Authentication not working on server
by: Russell | last post by:
Hello there, keywords so you can find this message: russell mccloy server forms authentication InvalidCastException not working after login logon We have an issue with Forms Authentication. I...
ASP.NET
1
How to config the web.config for both Internal and External users using Windows and Forms Authentication?
by: ABC | last post by:
I have a new project which is a web site used by Internal and External users (login required users) and public users (no login required users). On internal users, all users login network using...
ASP.NET
20
Multiple simulataneous forms in a sinlge application
by: Peter Oliphant | last post by:
How does one launch multiple forms in an application? Using Photoshop as an example, this application seems to be composed of many 'disjoint' forms. Yet, they all seem somewhat 'active' in...
.NET Framework
1
Forms - Splitting Questions & Design
by: robertmeyer1 | last post by:
Hi, I have 3 tables set up. tblQuestion, tblAnswer, tblClient. I have them linked together and have a sbf and mainform set up for data entry. The sbf links the questions and answers together. ...
Microsoft Access / VBA
1
Problem Opening Forms
by: robertmeyer1 | last post by:
Hey, I am having a problem with opening some forms. I have several forms. The forms are based off the same table, tblClient. Each form has a sbf inserted into it. These sbf’s are each based...
Microsoft Access / VBA
5
Can I open forms randomly?
by: EManning | last post by:
Using A2K. I've got a request to develop a database consisting of survey questions. There are 2 sets of questions, set A and set B. A has 12 questions, B has 11. The requester of this database...
Microsoft Access / VBA
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!