Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Persistent cookie timeout with FormsAuthentication

Tags:

asp.net

cookies

forms-authentication

remember-me

I am creating some "Remember Me" functionality as part of logging in.

When I create a persistent cookie during the login process with the following:

FormsAuthentication.SetAuthCookie("someusername", true);

And my Web.Config looks as follows:

<authentication mode="Forms">
  <forms loginUrl="~/sign-in" timeout="2880" />
</authentication>

How long will the cookie be valid for before the user will be asked to provide their login details again? Also, Is there/What is the default length of time used when setting a persistent cookie?

like image 472
cda01 Avatar asked Oct 07 '11 00:10

cda01

People also ask

What does FormsAuthentication SetAuthCookie do?

The SetAuthCookie method adds a forms-authentication ticket to either the cookies collection or the URL if CookiesSupported is false . The forms-authentication ticket supplies forms-authentication information to the next request made by the browser.

What is FormsAuthentication FormsCookieName?

Remarks. The FormsCookieName property value is set in the configuration file for an ASP.NET application by using the name attribute of the forms configuration element. The FormsCookieName is used to reference the cookie that stores the FormsAuthenticationTicket information.

What is persistent cookie C#?

Persistent Cookies: Persistent Cookies are Permanent Cookies stored as a text file in the hard disk of the computer. Non-Persistent Cookies: Non-Persistent cookies are temporary. They are also called in-memory cookies and session-based cookies.

How do I remove authentication from a cookie form?

You first need to Clear the Authentication Cookie and Session Cookie by passing back empty cookies in the Response to the Logout. public ActionResult LogOff() { FormsAuthentication. SignOut(); Session. Clear(); // This may not be needed -- but can't hurt Session.

2 Answers

timeout is mentioned in your authentication module as: 

<forms loginUrl="~/sign-in" timeout="2880" />

timeout="2880". This 2880 value is given in minutes. So if you divide 2880 by 60, you get 48 hours which is answer to your question. Users will have to provide their login credentials again after 48 hours period expires.

Hope it helps.

like image 120
Jogi Avatar answered Oct 19 '22 18:10

Jogi

I found the answer I was looking for thanks to this article:

Dan Sellers's WebLog

where he states:

in ASP.NET 2.0 the timeout value of both persistent and session based cookies are controlled by the timeout attribute on the<forms/>element

So in my example the persistent cookie will expire in 48 hours.

like image 23
cda01 Avatar answered Oct 19 '22 17:10

cda01
Sign in to Comment

Related questions

REST file upload with HttpRequestMessage or Stream?
Preventing a deadlock when calling an async method without using await
MVC 4 Web API Action return: Types vs HttpResponseMessage
Generate HTTPS link in Web API using Url.Link
System.Web.HttpContext.Current does not exist
Automatically run gulp tasks after saving some of javascript files in Visual Studio
How does the ASP.NET "Yellow Screen of Death" display code?
Classic ASP and ASP.NET Integration
Accessing parent control from child control - ASP.NET C#
How can I tell whether a JavaScript file has already been included in an ASP.NET page?
Error Binding Gridview: "The current TransactionScope is already complete"
Attempt to write a read-only database - System.Data.SQLite
How to share sessions between PHP and ASP.net application?
Windows fonts not immediately useable in application after installing?
What is the difference between Session.Abandon() and Session.Clear() in ASP.Net?
Displaying currency in C#
Problem creating persistent authentication cookie: ASP.NET MVC
Invalid length for a Base-64 char array during decoding/decryption
Why should I not make a class Serializable?
While trying to retrieve the authorization groups, an error (5) occurred

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!