?
Solved

Persistent Cookie for Login not working

Posted on 2006-06-21
8
Medium Priority
?
346 Views
Last Modified: 2008-02-26
The remember me feature for login is not working for me.  All other aspects seem to work fine.  When the timeout expires it makes me log in again.  I was under the impression that entering "True" in the redirectfromlogin would set a persistant cookie that overrides the timeout.  What am I doing wrong?



Here is the relevant web config
**************************************
 <authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" protection="All" ></forms>
      </authentication>


 <location path="admin">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
************************************

I set the timeout to 1 to exagerate the problem for testing.

Here is my login page code
************************************
 Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not IsPostBack Then
            FormsAuthentication.SignOut()
        End If
    End Sub


    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim conn As New SqlConnection(ConfigurationManager.ConnectionStrings("UC").ConnectionString)
        Dim cmd As New SqlCommand("SELECT * FROM vUsers WHERE username = @username and password = @password", conn)
        cmd.Parameters.AddWithValue("@username", Me.txtUserName.Text)
        cmd.Parameters.AddWithValue("@password", Me.txtPassword.Text)
        conn.Open()
        Dim dtr As SqlDataReader = cmd.ExecuteReader(CommandBehavior.CloseConnection)
        If dtr.Read Then
            FormsAuthentication.RedirectFromLoginPage(dtr("idUser"), Me.chkRememberMe.Checked)
        Else
            Me.lblLoginMessage.Text = "Invalid Login"
        End If
    End Sub

0
Comment
Question by:dbashley1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 27

Expert Comment

by:Sammy Ageil
ID: 16952356
looks like you are missing the cookie path in your web.config

<authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" path="/" protection="All" ></forms>
      </authentication>

HTH
0
 

Author Comment

by:dbashley1
ID: 16952689
sammy,

I added that...it didn't seem to make a difference.

0
 

Author Comment

by:dbashley1
ID: 16952939
In my temp internet files I see a single cookie with an expiration one minute after creation.  Should there be another cookie for the persistant feature?
0
 

Author Comment

by:dbashley1
ID: 16953317
I found this article.....
http://blogs.msdn.com/dansellers/archive/2006/02/15/532359.aspx

Indicating that in 2.0  both the session and persistant cookie timeout is controled by the timout value in your web config.

0
 
LVL 27

Accepted Solution

by:
Sammy Ageil earned 1000 total points
ID: 16957347
dbashley,
in asp.net 2.0 setting authentication cookie without a sliding expiration will cause the framework to create a cookie using something like this DateTime.Now.AddMinutes(T), where T is the time you have configured in your web.config as the timeout time.  if you omitted that you would default to 30 minutes

I would clear the temp file completely, login and check it out see if the cookie have been written, another option is to use a different browser for testing purposes.

Regards
Sammy
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question