Ask a Question related to ASP.NET Security, Design and Development.
-
Swati #1
How long is the formsauthentication ticket valid
Hello
These questions may seem stupid but I am confused about the
formsauthentication ticket stuff. From what I know till now it is a
cookie/session variable ( I am still not sure which of the two).
1. When I use a FormsAuthentication.SetAuthCookie method I do not
specify a timeout. So how long is this valid.
2. Is this the same thing that I later access using
Contect.User.Identity?
Any help appreciated.
thnx,
Swati
Swati Guest
-
Question about a long session timeout (somewhat long)
I've been told by my developers to increase the asp.net session timeout to 72 hours. Being a server guy, it concerns me because of the obvious... -
kdc ticket auditing
Hi, I would like to audit the kdc ticket activity: I mean: I access IIS via kerberos, so I find in event viewer the 672 entry, then I have a 673... -
FormsAuthentication.SignOut() does not appear to remove authentication ticket
My applicaiton is using forms authentication. I want to have a logout button. Users initially go to page main.aspx. If it is the first time the... -
HOW TO: make a session valid only as long as user on site?
I trying to use sessions to save a user name/id after login. If the user leaves the site and comes back, how do I force a new session and login? -
Golden Ticket
How do I set a golden background which will have a real shine? -
avnrao #2 Re: How long is the formsauthentication ticket valid
the timeout you specify in the web.config will be considered.
<authentication mode="Forms">
<forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx"
protection="All" path="/" timeout="30" />
</authentication>
the AuthCookie is stored as cookie (not a session variable) on the client.
each time you get a request to the server, you need to read this cookie and
populate your Context.User with a GenericPrinciple object created using this
cookie. This generally is done in Application_Authenticate method in
global.asax file.
more info :
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;301240&Product=aspnet[/url]
hth,
Av.
"Swati" <swatisahasrabudhe@yahoo.com> wrote in message
news:abadda58.0404290359.399d040e@posting.google.c om...> Hello
>
> These questions may seem stupid but I am confused about the
> formsauthentication ticket stuff. From what I know till now it is a
> cookie/session variable ( I am still not sure which of the two).
> 1. When I use a FormsAuthentication.SetAuthCookie method I do not
> specify a timeout. So how long is this valid.
> 2. Is this the same thing that I later access using
> Contect.User.Identity?
>
> Any help appreciated.
>
> thnx,
> Swati
avnrao Guest
-
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
