Re: Forms Authentication Expiration

From: Devin Carlen (dcarlenATescapia.com)
Date: 07/20/02 

From: "Devin Carlen" <dcarlenATescapia.com>
Date: Sat, 20 Jul 2002 00:29:24 -0400

That was my initial thought, and that is probably what I will end up doing,
but I was wondering if there was a Right Way to do it by having the ticket
extend its own life programmatically. I know the ticket is capable of
renewing itself but I am totally fuzzy on how/when that happens.

Thanks,

"Ed Maillet" <emaillet@_nospam_.unum.com> wrote in message
news:186c801c22f9d$0d4398e0$36ef2ecf@tkmsftngxa12...
> To translate your desired behavior, you do not want the
> ticket to ever expire or it's "life time" must be longer
> than that of the session.
>
> You can create the FormsAuthenticationTicket with a
> expiration DateTime or timeout "life time" in minutes. You
> could set wither of those values to an insanely high
> number or set it to twice the session timeout (if you know
> it or can programmatically get it.)
>
>
>
> >-----Original Message-----
> >Hi all,
> >
> >Here is the functionality I am aiming for. I was hoping
> one of you might
> >have a suggestion for me. ;)
> >
> >Basically I have my forms auth working properly, but my
> concern is that
> >since the FormsAuthenticationTicket has a separate
> expiration than the
> >session, that the user will have to re-authenticate every
> time the ticket
> >expires, losing whatever data they were currently working
> with.
> >
> >I am aware of the FormsAuthentication.RenewTicketIfOld
> method, but the
> >documentation for it is weak at best.
> >
> >Basically unless the user closes their browser window or
> the session
> >expires, I do not want them to have to reauthenticate.
> >
> >Anyone got suggestions?
> >
> >Thanks in advance,
> >
> >Devin Carlen
> >
> >
> >.
> >

Relevant Pages

  • Forms Authentication Expiration
    ... ticket to ever expire or it's "life time" must be longer ... than that of the session. ... expiration DateTime or timeout "life time" in minutes. ... >expires, I do not want them to have to reauthenticate. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Forms Authentication Expiration
    ... ticket to ever expire or it's "life time" must be longer ... than that of the session. ... expiration DateTime or timeout "life time" in minutes. ... >expires, I do not want them to have to reauthenticate. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Session data loss during user logged session
    ... I am developing web application, which is a part of IT project. ... app Administrators can add end-users of this project. ... I was logged in as another user (I have lost my ticket and session and get ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Question about redirecting to a "session expired" page...
    ... When a logged in user's session expires, I want that user redirected back to ... "AuthCookie" that gets set when you use the FormsAuthentication class? ... means the session expired and it would redirect back to the login page. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Avoiding page expiry?
    ... >:I'm using a webform that expires after a few minutes. ... On submitting the form after the expiry time any data is lost. ... session is regarded as being inactive while you fill out the form. ...
    (comp.security.misc)