Yes. When the user is authenticated with FormsAuthentcation.RedirectFromLoginPage
or with FormsAuthentication.SetAuthCookie, pass false to the second parameter.
This assigns a volatile cookie that should be discarded when the user closes
the browser.

-Brock
DevelopMentor
[url]http://staff.develop.com/ballen[/url]


> Is there a way to expire the Forms Authentication cookie once the user
> closes a browser window? I've notice that when I close IE and
> immediately reopen it to the site, the user remains authenticated. The
> Forms Cookie did not expire. I get a new session id. I am not using a
> persist cookie.
>
> Also, is there a way to limit the authorization to just one session
> (brower instance)? I've noticed that if I open up multiple brower
> windows, all the sessions are automatically authenticated using the my
> existing Forms Cookie.
>
> Thanks for all your help.
>