473,405 Members | 2,404 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > catching forms authentication expiry

Join Bytes to post your question to a community of 473,405 software developers and data experts.

Catching forms authentication expiry

Hi,

I have an asp.net web app whereby I authenticate the user with Forms
Authentication and store details about him in the session. I want to be able
to catch an event when the users authentication period expires but I can't
see any way to do this.

Currently I have set the forms authentication expiry shorter than the
session expiry because I don't want a user logged in if his session details
are invalid. I was thinking of setting the two timeouts to the same thing,
then I could catch the session_end event. However, to avoid the race
condition of having session_end happen before the forms authentication
timeout, I would want to force the user to get logged off in the session_end
event, but calling FormsAuthentication.SignOut() in the session_end event
would presumably not work. It's not really clear to me how the static
methods in FormsAuthentication get their context (i.e. when calling
SignOut() how does it know which user to sign out?)

It seems to me that most people using forms authentication would want to tie
the session period in with the authenticated period and avoiding all the
race conditions - has anyone found a sensible way to do this.

Andy
Nov 18 '05 #1
1 1661
as my experiences , if user's request is Authenticated, the user session
will never timeout, i dont why this happen too

"Andy Fish" <aj****@blueyonder.co.uk> дÈëÏûÏ¢ÐÂÎÅ
:ge*********************@news-text.cableinet.net...
Hi,

I have an asp.net web app whereby I authenticate the user with Forms
Authentication and store details about him in the session. I want to be able to catch an event when the users authentication period expires but I can't
see any way to do this.

Currently I have set the forms authentication expiry shorter than the
session expiry because I don't want a user logged in if his session details are invalid. I was thinking of setting the two timeouts to the same thing,
then I could catch the session_end event. However, to avoid the race
condition of having session_end happen before the forms authentication
timeout, I would want to force the user to get logged off in the session_end event, but calling FormsAuthentication.SignOut() in the session_end event
would presumably not work. It's not really clear to me how the static
methods in FormsAuthentication get their context (i.e. when calling
SignOut() how does it know which user to sign out?)

It seems to me that most people using forms authentication would want to tie the session period in with the authenticated period and avoiding all the
race conditions - has anyone found a sensible way to do this.

Andy

Nov 18 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
Secure and Unsecure Web Directories using Forms Authentication
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
.NET Framework
2
Expiry in Forms authentication
by: sushi | last post by:
Hello, I have an web site which uses forms authentication. The application uses frames. When the authentication time out occurs and if we click on any one of the frames, each individual pages...
C# / C Sharp
1
Forms authentication
by: Ian Walsh | last post by:
I'm using forms authentication within a C# project. I am using the standard code where a user attempts to access a page when they are not logged into the system. I am collecting a username /...
ASP.NET
3
Forms authentication in a subfolder problem, please help
by: Kris van der Mast | last post by:
Hi, I've created a little site for my sports club. In the root folder there are pages that are viewable by every anonymous user but at a certain subfolder my administration pages should be...
ASP.NET
3
Forms Authentication Cookies Never Expire
by: Joey Powell | last post by:
This message was originally posted to the aspnet.security newsgroup, but no one there has ever heard of this before. That is why I am posting this message here, so that more people will see it... ...
ASP.NET
1
Sessions and Forms Authentication Cookie
by: Bijoy Naick | last post by:
I have a folder on my site secured with Forms Authentication. After the user is authenticated, I set a session level variable. The session time on the server is set to 20 mins. I am guessing the...
ASP.NET
0
Bug with forms authentication persistent cookie expiry 30 minutes
by: robert | last post by:
I have noticed in .net 2 that when authenticating a user, setting the cookie using either redirectfromloginpage or setauthcookie, specifying true for the persistent parameter that the cookie is...
ASP.NET
4
D Giles
Open many forms from one form
by: D Giles | last post by:
Have found many solutions on this forum to get to this point so finally registered. I have a form which should load 17 forms. Private Sub Form_Load() On Error GoTo Err_Form_Load DoCmd.Minimize...
Microsoft Access / VBA
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!