472,142 Members | 1,021 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,142 software developers and data experts.

Bug with forms authentication persistent cookie expiry 30 minutes

I have noticed in .net 2 that when authenticating a user, setting the
cookie using either redirectfromloginpage or setauthcookie, specifying
true for the persistent parameter that the cookie is persistent with an
expiry time of 30 minutes from now, unless you have specified a timeout
attribute in the forms element in the web.config. Quoting from msdn:

Optional attribute.

Specifies the time, in integer minutes, after which the cookie expires.
If the SlidingExpiration attribute is true, the timeout attribute is a
sliding value, expiring at the specified number of minutes after the
time that the last request was received. To prevent compromised
performance, and to avoid multiple browser warnings for users who have
cookie warnings turned on, the cookie is updated when more than half of
the specified time has elapsed. This might cause a loss of precision.
Persistent cookies do not time out.
The default is "30" (30 minutes)."
So if its persistent why is .net setting expiring to 30 minutes still?!

Oct 13 '06 #1
0 1642

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by What-a-Tool | last post: by
1 post views Thread by Scott | last post: by
reply views Thread by Sebastien Roeckel | last post: by
reply views Thread by Anonieko Ramos | last post: by
1 post views Thread by Bijoy Naick | last post: by
1 post views Thread by Mark Olbert | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.