dbashley1
asked on
Persistent Cookie for Login not working
The remember me feature for login is not working for me. All other aspects seem to work fine. When the timeout expires it makes me log in again. I was under the impression that entering "True" in the redirectfromlogin would set a persistant cookie that overrides the timeout. What am I doing wrong?
Here is the relevant web config
************************** ********** **
<authentication mode="Forms">
<forms loginUrl="admin/login.aspx " name="UCLGN" timeout="1" protection="All" ></forms>
</authentication>
<location path="admin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
************************** **********
I set the timeout to 1 to exagerate the problem for testing.
Here is my login page code
************************** **********
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not IsPostBack Then
FormsAuthentication.SignOu t()
End If
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim conn As New SqlConnection(Configuratio nManager.C onnectionS trings("UC ").Connect ionString)
Dim cmd As New SqlCommand("SELECT * FROM vUsers WHERE username = @username and password = @password", conn)
cmd.Parameters.AddWithValu e("@userna me", Me.txtUserName.Text)
cmd.Parameters.AddWithValu e("@passwo rd", Me.txtPassword.Text)
conn.Open()
Dim dtr As SqlDataReader = cmd.ExecuteReader(CommandB ehavior.Cl oseConnect ion)
If dtr.Read Then
FormsAuthentication.Redire ctFromLogi nPage(dtr( "idUser"), Me.chkRememberMe.Checked)
Else
Me.lblLoginMessage.Text = "Invalid Login"
End If
End Sub
Here is the relevant web config
**************************
<authentication mode="Forms">
<forms loginUrl="admin/login.aspx
</authentication>
<location path="admin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
**************************
I set the timeout to 1 to exagerate the problem for testing.
Here is my login page code
**************************
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not IsPostBack Then
FormsAuthentication.SignOu
End If
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim conn As New SqlConnection(Configuratio
Dim cmd As New SqlCommand("SELECT * FROM vUsers WHERE username = @username and password = @password", conn)
cmd.Parameters.AddWithValu
cmd.Parameters.AddWithValu
conn.Open()
Dim dtr As SqlDataReader = cmd.ExecuteReader(CommandB
If dtr.Read Then
FormsAuthentication.Redire
Else
Me.lblLoginMessage.Text = "Invalid Login"
End If
End Sub
ASKER
sammy,
I added that...it didn't seem to make a difference.
I added that...it didn't seem to make a difference.
ASKER
In my temp internet files I see a single cookie with an expiration one minute after creation. Should there be another cookie for the persistant feature?
ASKER
I found this article.....
http://blogs.msdn.com/dansellers/archive/2006/02/15/532359.aspx
Indicating that in 2.0 both the session and persistant cookie timeout is controled by the timout value in your web config.
http://blogs.msdn.com/dansellers/archive/2006/02/15/532359.aspx
Indicating that in 2.0 both the session and persistant cookie timeout is controled by the timout value in your web config.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
<authentication mode="Forms">
<forms loginUrl="admin/login.aspx
</authentication>
HTH