So, what good is setting the "timeout" value in the <form> section? Maybe
you didn't read my post accurately.
"Brock Allen" <ba****@NOSPAMdevelop.com> wrote in message
news:97**********************@msnews.microsoft.com ...
Because they hard coded it to expire after 50 years. You can change that
(albeit manually).
-Brock
DevelopMentor
http://staff.develop.com/ballen
I'm using Forms authorization. In my <forms> section I have
timeout="30", but when I examine the cookie, it shows it expiring in
2055? Why?
<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>