469,916 Members | 1,896 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,916 developers. It's quick & easy.

Bug with forms authentication persistent cookie expiry 30 minutes

I have noticed in .net 2 that when authenticating a user, setting the
cookie using either redirectfromloginpage or setauthcookie, specifying
true for the persistent parameter that the cookie is persistent with an
expiry time of 30 minutes from now, unless you have specified a timeout
attribute in the forms element in the web.config. Quoting from msdn:

"timeout:
Optional attribute.

Specifies the time, in integer minutes, after which the cookie expires.
If the SlidingExpiration attribute is true, the timeout attribute is a
sliding value, expiring at the specified number of minutes after the
time that the last request was received. To prevent compromised
performance, and to avoid multiple browser warnings for users who have
cookie warnings turned on, the cookie is updated when more than half of
the specified time has elapsed. This might cause a loss of precision.
Persistent cookies do not time out.
The default is "30" (30 minutes)."
So if its persistent why is .net setting expiring to 30 minutes still?!

Oct 13 '06 #1
0 1549

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by What-a-Tool | last post: by
1 post views Thread by Scott | last post: by
reply views Thread by Sebastien Roeckel | last post: by
reply views Thread by Anonieko Ramos | last post: by
1 post views Thread by Bijoy Naick | last post: by
1 post views Thread by Mark Olbert | last post: by
reply views Thread by Salome Sato | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.