By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,837 Members | 1,813 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,837 IT Pros & Developers. It's quick & easy.

Bug with forms authentication persistent cookie expiry 30 minutes

P: n/a
I have noticed in .net 2 that when authenticating a user, setting the
cookie using either redirectfromloginpage or setauthcookie, specifying
true for the persistent parameter that the cookie is persistent with an
expiry time of 30 minutes from now, unless you have specified a timeout
attribute in the forms element in the web.config. Quoting from msdn:

"timeout:
Optional attribute.

Specifies the time, in integer minutes, after which the cookie expires.
If the SlidingExpiration attribute is true, the timeout attribute is a
sliding value, expiring at the specified number of minutes after the
time that the last request was received. To prevent compromised
performance, and to avoid multiple browser warnings for users who have
cookie warnings turned on, the cookie is updated when more than half of
the specified time has elapsed. This might cause a loss of precision.
Persistent cookies do not time out.
The default is "30" (30 minutes)."
So if its persistent why is .net setting expiring to 30 minutes still?!

Oct 13 '06 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.