By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
449,278 Members | 1,135 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 449,278 IT Pros & Developers. It's quick & easy.

Forms Authentication and Session Variables

P: n/a
Jim
Hi,

I am using forms based authentication for my website. Whilst testing I have
noticed that occasionaly it appears that the Context.User.Identity.Name is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.
Nov 19 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Hi Jim,

Context object holds data for a single user, for a single request and it is
only persisted for the duration of the request.

Cheers,

Jerome. M

"Jim" wrote:
Hi,

I am using forms based authentication for my website. Whilst testing I have
noticed that occasionaly it appears that the Context.User.Identity.Name is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.

Nov 19 '05 #2

P: n/a
Jim
Thanks Jerome,

Starting to make a bit more sense now. I've created my own principal and
identity objects to store all information relating to the user (name,
company,email address etc) that is used frequently by the pages within the
website. I was using session data for this but was experiencing problems
when the session timed out yet the user was still authenticated. I guess i
am on the right track now.

Is the Context.User information populated from cookie information stored on
the client? If so, is it sent back and forth with each request? Might have
to trim the data I store if that is the case.

Am I correct in thinking that the Context.User is only lost when the browser
window is closed (or is there a timeout associated with the authentication
process)?

Many thanks again.

Jim
"DotNetJerome" <reachjerome@_yahoo.com-remove-the-underscore-after@> wrote
in message news:89**********************************@microsof t.com...
Hi Jim,

Context object holds data for a single user, for a single request and it
is
only persisted for the duration of the request.

Cheers,

Jerome. M

"Jim" wrote:
Hi,

I am using forms based authentication for my website. Whilst testing I
have
noticed that occasionaly it appears that the Context.User.Identity.Name
is
valid however the session variables that I have created as the website is
used have been lost.

I think it is something to do with the session timeout. I thought when
the
session times out (session varaibles lost) the user context is cleared as
well - or is this an incorrect assumption.

Your thoughts would be most welcome.

Nov 19 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.