By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,825 Members | 1,026 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,825 IT Pros & Developers. It's quick & easy.

Sessions and Forms Authentication Cookie

P: n/a
I have a folder on my site secured with Forms Authentication. After the user
is authenticated, I set a session level variable.

The session time on the server is set to 20 mins. I am guessing the default
expiry time for the Forms Authentication cookie is 30 mins? Is this correct?

So after 20 mins, the session expires (assuming no user activity), but
because the forms auth cookie is still alive, users are not redirected to
the login page. The other pages are not able to read the session level
variable cuz the session has already expired.

How do I go about changing the forms cookie expiry time? I've seen a timeout
attribute to the forms tag that is used in Web.Config.. Is this what I
should be using?
Nov 18 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
You can also set the expiration time of the forms authentication cookie in
your web.config file.
I set it so it's the same as my session timeout.
"Bijoy Naick" <b_*****@yahoo.ca> wrote in message
news:Oa**************@TK2MSFTNGP10.phx.gbl...
I have a folder on my site secured with Forms Authentication. After the
user
is authenticated, I set a session level variable.

The session time on the server is set to 20 mins. I am guessing the
default
expiry time for the Forms Authentication cookie is 30 mins? Is this
correct?

So after 20 mins, the session expires (assuming no user activity), but
because the forms auth cookie is still alive, users are not redirected to
the login page. The other pages are not able to read the session level
variable cuz the session has already expired.

How do I go about changing the forms cookie expiry time? I've seen a
timeout
attribute to the forms tag that is used in Web.Config.. Is this what I
should be using?

Nov 18 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.