473,382 Members | 1,692 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > need two authentication timeouts for internal and external users

Join Bytes to post your question to a community of 473,382 software developers and data experts.

need two authentication timeouts for internal and external users

I have an ASP.NET 2.0 web app using forms authentication and an ASP.NET
Membership database. Internal users access the app from the intranet, but
they are authenticated by the membership module. External users access the
app over SSL from the internet and are also authenticated the same way.

I would like to have a different authentication timeout value for each. I
want 720 minutes for internal users, so they can leave the app open all day
and only have to log in once. I want 30 minutes for external users.

I know I can set session timeout values to be different for each user by
setting Session.Timeout. Can I do something similar with the authentication
cookie? I surmise I could then force an external user to have a shorter
value, or cause an internal user to have a longer value. If I can set it this
way, where would I do it?

I considered deploying the app twice, but all other aspects of security are
working and I'd rather not have the extra maintenance.

Thanks in advance,
Ray
May 14 '07 #1
1 1669
To set the cookie timeout, IIS Manager can be used. However, It is not
possible to set different cookie timeouts using IIS Manager. To solve your
problem, I will advise you to generate the tickets manually using
FormsAuthenticationTicket class.

Depending on the domain from where users are logged in, you can set
different timeouts using Expiration attribute of the
FormsAuthenticationTicket class.

Hope it helps.
--
Vishwajit MCSD, .NET Architect
"T Ray Humphrey" wrote:
I have an ASP.NET 2.0 web app using forms authentication and an ASP.NET
Membership database. Internal users access the app from the intranet, but
they are authenticated by the membership module. External users access the
app over SSL from the internet and are also authenticated the same way.

I would like to have a different authentication timeout value for each. I
want 720 minutes for internal users, so they can leave the app open all day
and only have to log in once. I want 30 minutes for external users.

I know I can set session timeout values to be different for each user by
setting Session.Timeout. Can I do something similar with the authentication
cookie? I surmise I could then force an external user to have a shorter
value, or cause an internal user to have a longer value. If I can set it this
way, where would I do it?

I considered deploying the app twice, but all other aspects of security are
working and I'd rather not have the extra maintenance.

Thanks in advance,
Ray
May 14 '07 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
Forms Authentication timeout doesn't work
by: Mark MacRae | last post by:
I am trying to do some testing of my application with respect to timeouts (i.e. Session timeouts). I took the advice of somebody else in this newsgroup (I think) and set my forms authentication...
C# / C Sharp
2
Windows and Forms Authentication at the same time ???
by: cmrchs | last post by:
Hi, I am trying to create a site that will be used by both employees AND external users, so both types of users are trying to access the same pages. In the case of an employee on the intranet,...
C# / C Sharp
1
Anonymous login and Windows Authentication
by: Darren Oakey | last post by:
G'day - I'm going insane trying to solve this proble, and would desperately love some assistance: My problem: I am making a web site usable by both internal users and the general public....
ASP.NET
0
Mixing Form and Windows Authentication
by: Rob | last post by:
I am currently making the move from ASP to ASP.Net and I have hit my first stumbling block… Currently I server users from both inside my Domain and Outside of the Domain… What I do now … Check...
ASP.NET
1
Catching forms authentication expiry
by: Andy Fish | last post by:
Hi, I have an asp.net web app whereby I authenticate the user with Forms Authentication and store details about him in the session. I want to be able to catch an event when the users...
ASP.NET
1
How to config the web.config for both Internal and External users using Windows and Forms Authentication?
by: ABC | last post by:
I have a new project which is a web site used by Internal and External users (login required users) and public users (no login required users). On internal users, all users login network using...
ASP.NET
1
Is there any example how to write the site's authorization support Internal and External users?
by: ABC | last post by:
I want learn how to handle the web site which allow internal users (windows network users and internal browser users without windows network login) and external users including cookie and...
ASP.NET
18
Sun Java System Directory Server Authentication
by: troywalker | last post by:
I am new to LDAP and Directory Services, and I have a project that requires me to authenticate users against a Sun Java System Directory Server in order to access the application. I have found...
C# / C Sharp
2
Authentication: multiple auth types for one site
by: Steve | last post by:
I'm looking for feedback on an authentication solution we are considering for an ASP.NET 2.0 project. The site will be accessed by both internal users who are logged into the Windows domain, and...
ASP.NET
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!