469,926 Members | 1,512 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,926 developers. It's quick & easy.

Authenticate and session

Hi

I am using Forms Authentiaction. In Login Page, after authenticate, I read
from database some info and save them into session.

I set session time out 1 minutes, after that time, session will be destroy
but authentication info still alive. When user request again, his
authentiacation info still valid but there is no session data of him?

how can I solve the problem

--
Vi
Nov 18 '05 #1
3 1576

Form authentication timeout is independent of the Session timeout. Forms authentication uses a cookie which remains valid even after session restart

best solution is to adopt an independent and design your app accordingly - i mean user authenticates but Session contains no data. then go ahead and populate the sessions

Another workaround is to use "OnAcquireRequestState" event and call FormsAuthentication.SignOut() inside that if the session value is blank

Hope this hel

Avnees
MCAD,MCSD.Ne
then the application and therefore the Session will be restarted, but the authentication cookie will still be vali
----- TruongLapVi wrote: ----

H

I am using Forms Authentiaction. In Login Page, after authenticate, I rea
from database some info and save them into session

I set session time out 1 minutes, after that time, session will be destro
but authentication info still alive. When user request again, hi
authentiacation info still valid but there is no session data of him

how can I solve the proble

--
V

Nov 18 '05 #2
I think ur Session and forms cookie timeout should be in Synchronous

i.e same should be the value...
--
Thanks and Regards,

Amit Agarwal
Software Programmer(.NET)
"Avneesh" <av*****@helloprojects.com> wrote in message
news:FF**********************************@microsof t.com...

Form authentication timeout is independent of the Session timeout. Forms authentication uses a cookie which remains valid even after session restart.
best solution is to adopt an independent and design your app accordingly - i mean user authenticates but Session contains no data. then go ahead and
populate the sessions.
Another workaround is to use "OnAcquireRequestState" event and call FormsAuthentication.SignOut() inside that if the session value is blank.
Hope this help

Avneesh
MCAD,MCSD.Net


then the application and therefore the Session will be restarted, but the authentication cookie will still be valid ----- TruongLapVi wrote: -----

Hi

I am using Forms Authentiaction. In Login Page, after authenticate, I read from database some info and save them into session.

I set session time out 1 minutes, after that time, session will be destroy but authentication info still alive. When user request again, his
authentiacation info still valid but there is no session data of him?

how can I solve the problem

--
Vi

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.583 / Virus Database: 369 - Release Date: 2/10/2004
Nov 18 '05 #3

Please check an in-depth post on asp.net weblog...

Here it goes http://weblogs.asp.net/dreilly/archi...6/04/8276.aspx

Avneesh
MCAD, MCSD.Net
Nov 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Alfred Salton | last post: by
reply views Thread by Alfred Salton | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.