472,958 Members | 2,745 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,958 software developers and data experts.

Is my security cookie timing out?

Hi - I have an app that does not use sessions:

<sessionState mode="Off" stateConnectionString="tcpip="
sqlConnectionString="data source=;Trusted_Connection=yes"
cookieless="true" timeout="600" />

It does use Forms authentication:

<authentication mode="Forms" >
<forms loginUrl="Login.aspx"
name = "Tenni" path="/"
protection="Validation" timeout="600" slidingExpiration="true">
If a user leaves a session idle for a while (15 mins+) then when they go
back to it, it will redirect them to Login.aspx. The url for the displayed
page is then "blah.com\login.asp?RedirectUrl=nextpage.aspx" where
'nextpage.aspx' is the page they WANTED to move to.

I am no expert, but this appears to me that my security cookie is timing
out. I thought my settings in web.config (above) would prevent this.

In my call to System.Web.Security.FormsAuthentication.SetAuthCoo kie I have
tried specifying both a session and non-session cookie - but I get the same

Can someone shed any light, or suggest how I might get more info on what's
going on?

The problem only seems to occur on my production server (hosted at
www.discountasp.net). If I run it hosted on my own development machine, it
never does this(!).



Nov 19 '05 #1
0 969

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

by: grahamd | last post by:
Who are the appropriate people to report security problems to in respect of a module included with the Python distribution? I don't feel it appropriate to be reporting it on general mailing lists.
by: JamesB | last post by:
I am half way through making a site you can only do certain stuff if logged in to. So far, you are logged in if there is a session variable with your username, but I got thinking that presumably...
by: David W. Simmonds | last post by:
I have a form that will prompt for a user name/password. In VS.NET, I have the protected form in a folder named Admin. I have a Web.config file in that folder as well. It contains the following...
by: J | last post by:
Hi all, is there a recommended approach to integrate ASP.NET security features in a classic ASP app? My general idea is to create a front end sign in process to authenticate the user and issue an...
by: Edwin Knoppert | last post by:
I have searched but info is limitted. In my test app i used a non persistant cookie for forms authentication. slidingExpiration is set to true On run and close and rerun the login remains ok....
by: mike.biang | last post by:
I am using the XMLHTTP object to request a page from within another ASP page. For my scenario, the two pages should operate in the same session. However, when I request the second page, a new...
by: darrel | last post by:
We have a home grown CMS in our organization that I decided to update at 5pm only to find a gigantic security bug in it. Here's the deal: The original programmer created the security for the...
by: dino d. | last post by:
Hi Everyone- I was reading a few posts about sessions and security, and it seems that the best way to address sessions security is to require authentication every time the user needs to get to...
by: YYZ | last post by:
I'm using asp, not asp.net. I've got some open ended questions that I was really hoping someone in here could answer, or direct me to some resources that will help me answer them on my own. ...
by: DJRhino | last post by:
Was curious if anyone else was having this same issue or not.... I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 4 Oct 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM) The start time is equivalent to 19:00 (7PM) in Central...
by: Aliciasmith | last post by:
In an age dominated by smartphones, having a mobile app for your business is no longer an option; it's a necessity. Whether you're a startup or an established enterprise, finding the right mobile app...
by: NeoPa | last post by:
Hello everyone. I find myself stuck trying to find the VBA way to get Access to create a PDF of the currently-selected (and open) object (Form or Report). I know it can be done by selecting :...
by: NeoPa | last post by:
Introduction For this article I'll be using a very simple database which has Form (clsForm) & Report (clsReport) classes that simply handle making the calling Form invisible until the Form, or all...
by: nia12 | last post by:
Hi there, I am very new to Access so apologies if any of this is obvious/not clear. I am creating a data collection tool for health care employees to complete. It consists of a number of...
by: NeoPa | last post by:
Introduction For this article I'll be focusing on the Report (clsReport) class. This simply handles making the calling Form invisible until all of the Reports opened by it have been closed, when it...
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
by: GKJR | last post by:
Does anyone have a recommendation to build a standalone application to replace an Access database? I have my bookkeeping software I developed in Access that I would like to make available to other...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.