473,326 Members | 2,255 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

formsauthentication timeout & session timeout

I'm using FormsAuthentication. If the session restarts, obviously the
session variables are cleared, but the security ticket is still active.
Since I use variables in the Session to determine what data is displayed on
the page (for example I store the username variable in Session and display
the users specific data), I need to have either the security ticket signed
out if/when the session restarts, so I can have the user sign in again, so
that I can get the user specific data and place it in the Session object.
Have I designed my application incorrectly?
If this is an acceptable design, what is the solution?
Nov 19 '05 #1
1 1574
A couple things you can do...

1. If you are using the In-Process state server then you could probably put
your code in the Session_End event and log the user out. When using
out-of-process you don't have the Session_End event (it won't fire).

2. Or, you probably have the username or customer key in the
(HttpContext.Current.User.Identity.Name) value when you signed them in.

FormsAuthenticationTicket(1, username,
DateTime.Now,
DateTime.Now.AddMinutes(60),
false, string.Empty);

You can use this to re-locate the user data from your database and rebuild
the session.

HTH
--
Ian
"Craig" wrote:
I'm using FormsAuthentication. If the session restarts, obviously the
session variables are cleared, but the security ticket is still active.
Since I use variables in the Session to determine what data is displayed on
the page (for example I store the username variable in Session and display
the users specific data), I need to have either the security ticket signed
out if/when the session restarts, so I can have the user sign in again, so
that I can get the user specific data and place it in the Session object.
Have I designed my application incorrectly?
If this is an acceptable design, what is the solution?

Nov 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Billy Boone | last post by:
I have a current web application that utilizes a login to authenticate users into the application. Once I authenticate them, I store away the user's name in a Session variable. I then utilize...
2
by: G-Fit | last post by:
Hello group, I use Forms Authentication in my web application and I am not sure I understand the way the cookie works. I use the SetAuthCookie method with a database identifier as userName, as...
3
by: Carpe Diem | last post by:
Hello I have an aspx page that loses Session("user") value after a few minutes even after I set <sessionState mode="InProc" cookieless="false" timeout="300"> in web.config and wrote function...
1
by: Danny | last post by:
Hi there, I was wondering if anyone would be able to shed some light on the following behaviour for me. I have an application that is using Forms Authentication with non-persistent cookies, a...
8
by: tshad | last post by:
I am trying to get my authentication to work and want the timeout to be 30 minutes, but only while the browser is active. If the browser closes, I want the cookie to disappear. Is this...
1
by: Jeremy Chapman | last post by:
I have built a web app. While testing I have found that if I browse to a page in the app, then get redirected to the login page and enter my credentials. The...
5
by: Ĺženol Akbulak | last post by:
Hello; I use in my web application FormsAuthentication. Also I use Session state (InProc). When a user logged in, I can read Session parameters. (For example Session). Problem is that, when...
1
by: Nick | last post by:
Hi, I have a page that the user enters some data into - textboxes and choosens some options out of checkboxes and listboxes. However there is often a delay between when they make the last...
13
by: =?Utf-8?B?ZG91Zw==?= | last post by:
I support several intranet sites one of which had NO STATE. Even though content has ASP extensions, it was all rendered HTML. Site had NO session or application variables being managed. Site had...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.