Solved

Persistent Cookie for Login not working

Posted on 2006-06-21
8
339 Views
Last Modified: 2008-02-26
The remember me feature for login is not working for me.  All other aspects seem to work fine.  When the timeout expires it makes me log in again.  I was under the impression that entering "True" in the redirectfromlogin would set a persistant cookie that overrides the timeout.  What am I doing wrong?



Here is the relevant web config
**************************************
 <authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" protection="All" ></forms>
      </authentication>


 <location path="admin">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
************************************

I set the timeout to 1 to exagerate the problem for testing.

Here is my login page code
************************************
 Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not IsPostBack Then
            FormsAuthentication.SignOut()
        End If
    End Sub


    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim conn As New SqlConnection(ConfigurationManager.ConnectionStrings("UC").ConnectionString)
        Dim cmd As New SqlCommand("SELECT * FROM vUsers WHERE username = @username and password = @password", conn)
        cmd.Parameters.AddWithValue("@username", Me.txtUserName.Text)
        cmd.Parameters.AddWithValue("@password", Me.txtPassword.Text)
        conn.Open()
        Dim dtr As SqlDataReader = cmd.ExecuteReader(CommandBehavior.CloseConnection)
        If dtr.Read Then
            FormsAuthentication.RedirectFromLoginPage(dtr("idUser"), Me.chkRememberMe.Checked)
        Else
            Me.lblLoginMessage.Text = "Invalid Login"
        End If
    End Sub

0
Comment
Question by:dbashley1
  • 3
  • 2
8 Comments
 
LVL 27

Expert Comment

by:Sammy
ID: 16952356
looks like you are missing the cookie path in your web.config

<authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" path="/" protection="All" ></forms>
      </authentication>

HTH
0
 

Author Comment

by:dbashley1
ID: 16952689
sammy,

I added that...it didn't seem to make a difference.

0
 

Author Comment

by:dbashley1
ID: 16952939
In my temp internet files I see a single cookie with an expiration one minute after creation.  Should there be another cookie for the persistant feature?
0
 

Author Comment

by:dbashley1
ID: 16953317
I found this article.....
http://blogs.msdn.com/dansellers/archive/2006/02/15/532359.aspx

Indicating that in 2.0  both the session and persistant cookie timeout is controled by the timout value in your web config.

0
 
LVL 27

Accepted Solution

by:
Sammy earned 250 total points
ID: 16957347
dbashley,
in asp.net 2.0 setting authentication cookie without a sliding expiration will cause the framework to create a cookie using something like this DateTime.Now.AddMinutes(T), where T is the time you have configured in your web.config as the timeout time.  if you omitted that you would default to 30 minutes

I would clear the temp file completely, login and check it out see if the cookie have been written, another option is to use a different browser for testing purposes.

Regards
Sammy
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now