By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,617 Members | 1,751 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,617 IT Pros & Developers. It's quick & easy.

Authenticate and session

P: n/a
Hi

I am using Forms Authentiaction. In Login Page, after authenticate, I read
from database some info and save them into session.

I set session time out 1 minutes, after that time, session will be destroy
but authentication info still alive. When user request again, his
authentiacation info still valid but there is no session data of him?

how can I solve the problem

--
Vi
Nov 18 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a

Form authentication timeout is independent of the Session timeout. Forms authentication uses a cookie which remains valid even after session restart

best solution is to adopt an independent and design your app accordingly - i mean user authenticates but Session contains no data. then go ahead and populate the sessions

Another workaround is to use "OnAcquireRequestState" event and call FormsAuthentication.SignOut() inside that if the session value is blank

Hope this hel

Avnees
MCAD,MCSD.Ne
then the application and therefore the Session will be restarted, but the authentication cookie will still be vali
----- TruongLapVi wrote: ----

H

I am using Forms Authentiaction. In Login Page, after authenticate, I rea
from database some info and save them into session

I set session time out 1 minutes, after that time, session will be destro
but authentication info still alive. When user request again, hi
authentiacation info still valid but there is no session data of him

how can I solve the proble

--
V

Nov 18 '05 #2

P: n/a
I think ur Session and forms cookie timeout should be in Synchronous

i.e same should be the value...
--
Thanks and Regards,

Amit Agarwal
Software Programmer(.NET)
"Avneesh" <av*****@helloprojects.com> wrote in message
news:FF**********************************@microsof t.com...

Form authentication timeout is independent of the Session timeout. Forms authentication uses a cookie which remains valid even after session restart.
best solution is to adopt an independent and design your app accordingly - i mean user authenticates but Session contains no data. then go ahead and
populate the sessions.
Another workaround is to use "OnAcquireRequestState" event and call FormsAuthentication.SignOut() inside that if the session value is blank.
Hope this help

Avneesh
MCAD,MCSD.Net


then the application and therefore the Session will be restarted, but the authentication cookie will still be valid ----- TruongLapVi wrote: -----

Hi

I am using Forms Authentiaction. In Login Page, after authenticate, I read from database some info and save them into session.

I set session time out 1 minutes, after that time, session will be destroy but authentication info still alive. When user request again, his
authentiacation info still valid but there is no session data of him?

how can I solve the problem

--
Vi

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.583 / Virus Database: 369 - Release Date: 2/10/2004
Nov 18 '05 #3

P: n/a

Please check an in-depth post on asp.net weblog...

Here it goes http://weblogs.asp.net/dreilly/archi...6/04/8276.aspx

Avneesh
MCAD, MCSD.Net
Nov 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.