Cookie does not seem to timeout

Martin Dew

Hi,

I am using ASP.Net for a website, I use the following code;

<authentication mode="Forms">
<forms name=".ADASTRATEAROUNDS" loginUrl="login.aspx"
protection="All" timeout="30" path="/">

</forms>

</authentication>

I authenticate the user from a database, etc, this all works fine, however
it does not ever appear to time out the cookie. This has been tested on
numerous machines, both with ie and firefox.

I want the cookie to timeout after 30 minutes, so that the user is
redirected to login next time they visit the site (normally after 24hours),
at present when they next visit it is remembering the last cookie and not
prompting them to login.

Any help or pointers would be gratefully received.

T.I.A

Martin

Nov 19 '05 #1

Brock Allen

In the code where the user is logged in, FormsAuthentication.RedirectFromLoginPage
or FormsAuthentication.SetAuthCookie should be the method used. The 3rd bool
parameter indicates if a persistent cookie should be used. If the cookie
is persistent, then it will not timeout. Perhaps this is the issue?

-Brock
DevelopMentor
http://staff.develop.com/ballen

Hi,

I am using ASP.Net for a website, I use the following code;

<authentication mode="Forms">
<forms name=".ADASTRATEAROUNDS" loginUrl="login.aspx"
protection="All" timeout="30" path="/">
</forms>

</authentication>

I authenticate the user from a database, etc, this all works fine,
however it does not ever appear to time out the cookie. This has been
tested on numerous machines, both with ie and firefox.

I want the cookie to timeout after 30 minutes, so that the user is
redirected to login next time they visit the site (normally after
24hours), at present when they next visit it is remembering the last
cookie and not prompting them to login.

Any help or pointers would be gratefully received.

T.I.A

Martin

Nov 19 '05 #2

Martin Dew

Isn't it easy when you know how ! Thanks very much for pointing that out,
been doing my head in trying to work it out..

Regards

Martin

On Mon, 13 Jun 2005 06:32:37 -0700, Brock Allen wrote:

In the code where the user is logged in, FormsAuthentication.RedirectFromLoginPage
or FormsAuthentication.SetAuthCookie should be the method used. The 3rd bool
parameter indicates if a persistent cookie should be used. If the cookie
is persistent, then it will not timeout. Perhaps this is the issue?

-Brock
DevelopMentor
http://staff.develop.com/ballen

Hi,

I am using ASP.Net for a website, I use the following code;

<authentication mode="Forms">
<forms name=".ADASTRATEAROUNDS" loginUrl="login.aspx"
protection="All" timeout="30" path="/">
</forms>

</authentication>

I authenticate the user from a database, etc, this all works fine,
however it does not ever appear to time out the cookie. This has been
tested on numerous machines, both with ie and firefox.

I want the cookie to timeout after 30 minutes, so that the user is
redirected to login next time they visit the site (normally after
24hours), at present when they next visit it is remembering the last
cookie and not prompting them to login.

Any help or pointers would be gratefully received.

T.I.A

Martin

Nov 19 '05 #3