Solved

Persistent Cookie for Login not working

Posted on 2006-06-21
8
344 Views
Last Modified: 2008-02-26
The remember me feature for login is not working for me.  All other aspects seem to work fine.  When the timeout expires it makes me log in again.  I was under the impression that entering "True" in the redirectfromlogin would set a persistant cookie that overrides the timeout.  What am I doing wrong?



Here is the relevant web config
**************************************
 <authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" protection="All" ></forms>
      </authentication>


 <location path="admin">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
************************************

I set the timeout to 1 to exagerate the problem for testing.

Here is my login page code
************************************
 Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not IsPostBack Then
            FormsAuthentication.SignOut()
        End If
    End Sub


    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim conn As New SqlConnection(ConfigurationManager.ConnectionStrings("UC").ConnectionString)
        Dim cmd As New SqlCommand("SELECT * FROM vUsers WHERE username = @username and password = @password", conn)
        cmd.Parameters.AddWithValue("@username", Me.txtUserName.Text)
        cmd.Parameters.AddWithValue("@password", Me.txtPassword.Text)
        conn.Open()
        Dim dtr As SqlDataReader = cmd.ExecuteReader(CommandBehavior.CloseConnection)
        If dtr.Read Then
            FormsAuthentication.RedirectFromLoginPage(dtr("idUser"), Me.chkRememberMe.Checked)
        Else
            Me.lblLoginMessage.Text = "Invalid Login"
        End If
    End Sub

0
Comment
Question by:dbashley1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 27

Expert Comment

by:Sammy
ID: 16952356
looks like you are missing the cookie path in your web.config

<authentication mode="Forms">
        <forms loginUrl="admin/login.aspx" name="UCLGN" timeout="1" path="/" protection="All" ></forms>
      </authentication>

HTH
0
 

Author Comment

by:dbashley1
ID: 16952689
sammy,

I added that...it didn't seem to make a difference.

0
 

Author Comment

by:dbashley1
ID: 16952939
In my temp internet files I see a single cookie with an expiration one minute after creation.  Should there be another cookie for the persistant feature?
0
 

Author Comment

by:dbashley1
ID: 16953317
I found this article.....
http://blogs.msdn.com/dansellers/archive/2006/02/15/532359.aspx

Indicating that in 2.0  both the session and persistant cookie timeout is controled by the timout value in your web config.

0
 
LVL 27

Accepted Solution

by:
Sammy earned 250 total points
ID: 16957347
dbashley,
in asp.net 2.0 setting authentication cookie without a sliding expiration will cause the framework to create a cookie using something like this DateTime.Now.AddMinutes(T), where T is the time you have configured in your web.config as the timeout time.  if you omitted that you would default to 30 minutes

I would clear the temp file completely, login and check it out see if the cookie have been written, another option is to use a different browser for testing purposes.

Regards
Sammy
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the pain points with developing AJAX, JavaScript, JQuery, and other client-side behaviors is that JavaScript doesn’t allow for cross domain request for pulling content. For example, JavaScript code on www.johnchapman.name could not pull conte…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question