473,508 Members | 2,360 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Forms Authentication and Session Variables

Jim
Hi,

I am using forms based authentication for my website. Whilst testing I have
noticed that occasionaly it appears that the Context.User.Identity.Name is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.
Nov 19 '05 #1
2 1931
Hi Jim,

Context object holds data for a single user, for a single request and it is
only persisted for the duration of the request.

Cheers,

Jerome. M

"Jim" wrote:
Hi,

I am using forms based authentication for my website. Whilst testing I have
noticed that occasionaly it appears that the Context.User.Identity.Name is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.

Nov 19 '05 #2
Jim
Thanks Jerome,

Starting to make a bit more sense now. I've created my own principal and
identity objects to store all information relating to the user (name,
company,email address etc) that is used frequently by the pages within the
website. I was using session data for this but was experiencing problems
when the session timed out yet the user was still authenticated. I guess i
am on the right track now.

Is the Context.User information populated from cookie information stored on
the client? If so, is it sent back and forth with each request? Might have
to trim the data I store if that is the case.

Am I correct in thinking that the Context.User is only lost when the browser
window is closed (or is there a timeout associated with the authentication
process)?

Many thanks again.

Jim
"DotNetJerome" <reachjerome@_yahoo.com-remove-the-underscore-after@> wrote
in message news:89**********************************@microsof t.com...
Hi Jim,

Context object holds data for a single user, for a single request and it
is
only persisted for the duration of the request.

Cheers,

Jerome. M

"Jim" wrote:
Hi,

I am using forms based authentication for my website. Whilst testing I
have
noticed that occasionaly it appears that the Context.User.Identity.Name
is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when
the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.

Nov 19 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
1
1644
ASP.NET Forms Authentication Questions...
by: Paul Daly (MCP) | last post by:
Background: I want to be able to authenticate users whose usernames & passwords are stored in a SQL database. I only want certain pages to require authentication. I have tried to implement this...
.NET Framework
4
2116
Session variables with forms based authentication
by: Morten | last post by:
Hi! I've been implementing forms based authentication in a web project. It works pretty good. When I log on by clicking the "login" button the following code is executed: if...
C# / C Sharp
5
673
Multiple sessions and forms-based authentication
by: Rob | last post by:
I have an ASP.NET application that uses forms-based authentication. A user wishes to be able to run multiple sessions of this application simultaneously from the user's client machine. The...
ASP.NET
1
2075
Forms authentication & frames
by: Martin | last post by:
Hi, After I gave up on tracking user sessions through the session object (Session_OnEnd is still not triggered by Abandon() even with mode=InProc and me manipulating session variables; in a new...
ASP.NET
0
262
forms authentication question
by: mike parr | last post by:
I am using Forms authentication for the first time, and I'm having problems with it. I have 3 pages relating to the login, default.aspx, default_new_user.aspx and default_user.aspx. ...
ASP.NET
0
1089
not redirecting to login page while using forms authentication
by: Pradeep Pise | last post by:
Hello All, I have a problem in my project. I have used forms authentication and code is embedded in web.config. <authentication mode="Forms"> <forms name="AuthCookie" path="/"...
ASP.NET
6
1612
Forms auth and session question...
by: Jon | last post by:
If a session times out, but the forms auth is still logged in it's possible for users to go to pages on the site that need those session variables. I was under the impression that using forms auth...
ASP.NET
5
1508
Persistent Forms Authentication - and Session Variables
by: Max | last post by:
Hi All! I'm doing an ASP.NET project which uses Persistent Forms Authentication (i.e. once user logged in, they don't have to log in again). However Session variables are erased after Session...
ASP.NET
5
470
Forms Authentication and Session Variables
by: Schultz | last post by:
I am having two problems in the application I am building, the first has to do with forms authentication. The application has three different login pages: 1- for admins 2- for users 3- for...
ASP.NET
4
5314
Forms authentication vs session variable
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...
ASP.NET
0
7223
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
1
7036
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7489
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
5624
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
3191
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
3179
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
1547
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
762
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
414
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us