471,066 Members | 1,294 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

home > topics > asp.net > questions > forms authorization cookie always set to expire in 2055?

Join Bytes to post your question to a community of 471,066 software developers and data experts.

Forms authorization cookie always set to expire in 2055?

I'm using Forms authorization. In my <forms> section I have timeout="30",
but when I examine the cookie, it shows it expiring in 2055? Why?

<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>
Nov 19 '05 #1
4 2426
Because they hard coded it to expire after 50 years. You can change that
(albeit manually).

-Brock
DevelopMentor
http://staff.develop.com/ballen
I'm using Forms authorization. In my <forms> section I have
timeout="30", but when I examine the cookie, it shows it expiring in
2055? Why?

<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>


Nov 19 '05 #2
So, what good is setting the "timeout" value in the <form> section? Maybe
you didn't read my post accurately.
"Brock Allen" <ba****@NOSPAMdevelop.com> wrote in message
news:97**********************@msnews.microsoft.com ...
Because they hard coded it to expire after 50 years. You can change that
(albeit manually).

-Brock
DevelopMentor
http://staff.develop.com/ballen
I'm using Forms authorization. In my <forms> section I have
timeout="30", but when I examine the cookie, it shows it expiring in
2055? Why?

<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>


Nov 19 '05 #3
The timeout is used when it's not a persistent cookie. IOW, the boolean parameter
to FormsAuthentication.SetAuthCookie. The docs cover this (except where it
says "Persistent cookies do not time out.". They do time out after 50 years,
as you discovered):

http://msdn.microsoft.com/library/de...gngrfforms.asp

-Brock
DevelopMentor
http://staff.develop.com/ballen
So, what good is setting the "timeout" value in the <form> section?
Maybe you didn't read my post accurately.

"Brock Allen" <ba****@NOSPAMdevelop.com> wrote in message
news:97**********************@msnews.microsoft.com ...
Because they hard coded it to expire after 50 years. You can change
that (albeit manually).

-Brock
DevelopMentor
http://staff.develop.com/ballen
I'm using Forms authorization. In my <forms> section I have
timeout="30", but when I examine the cookie, it shows it expiring in
2055? Why?

<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>


Nov 19 '05 #4
Ahh...yes...now I see. I set the persistant parameter to false and now it
works. Thanks.

Amil

"Brock Allen" <ba****@NOSPAMdevelop.com> wrote in message
news:97**********************@msnews.microsoft.com ...
The timeout is used when it's not a persistent cookie. IOW, the boolean
parameter to FormsAuthentication.SetAuthCookie. The docs cover this
(except where it says "Persistent cookies do not time out.". They do time
out after 50 years, as you discovered):

http://msdn.microsoft.com/library/de...gngrfforms.asp

-Brock
DevelopMentor
http://staff.develop.com/ballen
So, what good is setting the "timeout" value in the <form> section?
Maybe you didn't read my post accurately.

"Brock Allen" <ba****@NOSPAMdevelop.com> wrote in message
news:97**********************@msnews.microsoft.com ...
Because they hard coded it to expire after 50 years. You can change
that (albeit manually).

-Brock
DevelopMentor
http://staff.develop.com/ballen
I'm using Forms authorization. In my <forms> section I have
timeout="30", but when I examine the cookie, it shows it expiring in
2055? Why?

<authentication mode="Forms">
<forms
loginUrl="/login.aspx"
protection="All"
timeout="30"
path="/">
<credentials passwordFormat="Clear">
<user name="guest" password="xxxxxxx" />
</credentials>
</forms>
</authentication>


Nov 19 '05 #5

This discussion thread is closed

Start new discussion

Replies have been disabled for this discussion.

Similar topics
Forms Authentication Problem
11 posts views Thread by ElmoWatson | last post: by
Forms authentication in a subfolder problem, please help
3 posts views Thread by Kris van der Mast | last post: by
Forms authentication
2 posts views Thread by Jenny | last post: by
Forms Authentication Cookie Does Not Expire
1 post views Thread by Joey Powell | last post: by
ASP.NET Forms Authentication Best Practices
reply views Thread by Anonieko Ramos | last post: by
ASP.NET Forms Authentication
5 posts views Thread by Gavin Stevens | last post: by
Forms authentication cookies not expiring...
2 posts views Thread by pv_kannan | last post: by
Trying to figure out forms authentication
2 posts views Thread by Randall Parker | last post: by
Forms Authentication
4 posts views Thread by =?Utf-8?B?R3V1czEyMw==?= | last post: by
Install opengauss2.1.0 error
reply views Thread by leo001 | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2022
About Bytes
Advertise
Terms Of Use
Privacy Policy
Contact Us
Sitemap

Follow us! Get the Latest Bytes Updates