Re: Authorization question, w/ "Windows" authentication mode

---

• From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Mon, 3 Jul 2006 20:15:37 +0000 (UTC)

---

so why use sliding expiration then??

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

except that the keyname for the cached data is based on the unique
userID. since no user will user the application for very long, and the
app has a 20 or 30 minute inactivity timeout, perpetually storing
stale data is not possible.

matt

Dominick wrote:

i wouldn't use sliding expiration - rather choose a longer timeout
and no sliding exp. - this will guarantee you get fresh info after
the timout occured. Otherwise you could keep possible old info alive
forever by repeatedly sending request to the application.

.

---

• Follow-Ups:
  • Re: Authorization question, w/ "Windows" authentication mode
    • From: matt

• References:
  • Re: Authorization question, w/ "Windows" authentication mode
    • From: matt

• Prev by Date: Re: ASP.NET Membership
• Next by Date: Re: Authorization question, w/ "Windows" authentication mode
• Previous by thread: Re: Authorization question, w/ "Windows" authentication mode
• Next by thread: Re: Authorization question, w/ "Windows" authentication mode
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2006-07