Re: problem with slidingExpiration

From: Alessandro Zucchi (AlessandroZucchi_at_discussions.microsoft.com)
Date: 03/07/05

• Next message: super bidder via .NET 247: "Domain Authenication with the public dmz"
• Previous message: Paul Clement: "Re: Access Denied on WindowsIdentity.GetCurrent()"
• In reply to: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Next in thread: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Reply: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 7 Mar 2005 07:51:04 -0800

Hi Hernan,

I tried your solution , but doesn't run. Follow the complete code.
********************************************************
string CF="ZCCLSN70R21C816A";
FormsAuthentication.Initialize();
Response.Cookies.Clear();
//Creo il ticket
int expiration=2;
DateTime dt= DateTime.Now;
DateTime dte=dt.AddMinutes(expiration);
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(CF,false,
expiration);
                        
//cripto l'authentication ticket
string cookiestr = FormsAuthentication.Encrypt(tkt);
                        
//creo il cookie
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName,
cookiestr);
//aggiungo il cookie
//ck.Expires=tkt.Expiration; //NON SERVE NEI "NON PERSINSTANCE COOKIES"
Response.Cookies.Set(ck);
                        
//Redirec on protected page
FormsAuthentication.RedirectFromLoginPage(CF, false); // Target on protected
page.
//Response.Redirect("./path/relpath.aspx",true);
**********************************************************
After 2 minutes the user is logged out also if I use the application
(multiple refresh on protected page).

By

"Hernan de Lahitte" wrote:

> I think you should use the typical "RedirectFromLoginPage()" so you allow
> the Forms Auth internal data to initialize appropriately.
> For your scenario, this would be something like the sample below:
>
> RedirectFromLoginPage(CF, false)
>
> This may replace all your ticket/cookie stuff and will actually use your
> config settings as well.
>
> --
> Hernan de Lahitte
> http://weblogs.asp.net/hernandl
> http://www.lagash.com/english/index.html
>
>
> "Alessandro Zucchi" <Alessandro Zucchi@discussions.microsoft.com> wrote in
> message news:0BE0F4EF-37D9-4C8D-AE16-6FC28E819C3C@microsoft.com...
> > Hi all,
> > I'm trying to use Forms authentication with slidingExpiration option set
> > to
> > true since I want permit users to stay logged in when they use the web
> > application. Only idle timeout must logged out the users.
> >
> > ***********************************************************
> > Follow the code:
> >
> > string CF="ZCCLSN70R21C816A";
> > int expiration=2;
> > DateTime dt= DateTime.Now;
> > DateTime dte=dt.AddMinutes(expiration);
> > FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(CF,false,
> > expiration);
> >
> > //cripto l'authentication ticket
> > string cookiestr = FormsAuthentication.Encrypt(tkt);
> > //creo il cookie
> > HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName,
> > cookiestr);
> > //aggiungo il cookie
> > //ck.Expires=tkt.Expiration;
> > Response.Cookies.Set(ck);
> >
> > ***********************************************
> > Follow Web.config
> > <!--Pagina di login-->
> > <authentication mode="Forms">
> > <forms loginUrl="login.aspx" name="miocook" protection="All" path="./"
> > timeout="2" slidingExpiration="true" />
> > </authentication>
> >
> > <authorization>
> > <deny users ="?" />
> > <allow users = "*" />
> > </authorization>
> >
> > <sessionState
> > mode="StateServer"
> > stateConnectionString="tcpip=127.0.0.1:42424"
> > sqlConnectionString="data
> > source=127.0.0.1;Trusted_Connection=yes"
> > cookieless="false"
> > timeout="30"
> > />
> > **********************************************************
> > The problem is that after 2 minutes, also if I use the application, the
> > cookie expire.
> > It look to me that the flag slidingExpiration has no effect.
> >
> > Anyone can help me ?
> > By
> >
>
>
>

---

• Next message: super bidder via .NET 247: "Domain Authenication with the public dmz"
• Previous message: Paul Clement: "Re: Access Denied on WindowsIdentity.GetCurrent()"
• In reply to: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Next in thread: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Reply: Hernan de Lahitte: "Re: problem with slidingExpiration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: IsInRole problem ... setting up the ticket. ... What I've noticed is that the string doesn't get written to UserData in ... can't get the roles back out of the cookie. ... > the prod environment, that I get the right roles via: ... (microsoft.public.dotnet.framework.aspnet.security) Cannot retrieve UserData in Forms Authentication ... and am getting user data back from the cookie. ... I assume your setting the ticket in a login page. ... >Dim authTicket As New FormsAuthenticationTicket(1, ... >Dim encryptedTicket As String = ... (microsoft.public.dotnet.framework.aspnet.security) Users are timing out, even while they work ... // Now encrypt the ticket. ... string encryptedTicket = FormsAuthentication.Encrypt; ... // Create a cookie and add the encrypted ticket to the cookie as data. ... (microsoft.public.dotnet.framework.aspnet) Re: DESPERATE: FormsAuthentication Problem ... >>> database and create a semicolon delimited string listing the roles ... >>> them in the forms authentication cookie. ... >>> Dim authTicket As FormsAuthenticationTicket = New ... (microsoft.public.dotnet.framework.aspnet) Perplexing and critical error - please help! ... The site uses Forms authentication w/ anonymous ... pass information about the current conference. ... FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( ... // "true" for a durable user cookie ... (microsoft.public.dotnet.framework.aspnet.webcontrols)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)