Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ASP.NET 2.0 Login Control - Remember password not working?

Posted on 2006-11-03
9
Medium Priority
?
482 Views
Last Modified: 2009-12-16
We have built an ASP.NET application, where we use the standard ASP.NET 2.0 Login control.

When I checkmark the "remember my password" within the login control, the Web-page still does not remember me... I am using Internet Explorer 6.0.
What is this checkmark thought to do, and where lies my problem.

Actually, when I checkmark this and close my web-page without logging out I need not to login again when opening page in another Internet Explorer, but this "remembering" seems to me somehow strange... What should happen, or where could lay my mistake.

Thanks,

Sina Falahati

0
Comment
Question by:falahati_sina
9 Comments
 
LVL 15

Expert Comment

by:mattisflones
ID: 17870534
This control uses cookies, do you allow that?
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 17870557
"Actually, when I checkmark this and close my web-page without logging out I need not to login again when opening page in another Internet Explorer"

Try closing all IE windows, and you should experience something totally different.. The session state gets preserved even if you close the one window.
0
 
LVL 6

Accepted Solution

by:
manicsquirrel earned 600 total points
ID: 17871065
When Forms authentication is used, the login state is maintained in a cookie.  If you quit IE without loggin out, you are still "logged in" until the cookie times out.  If you log out, the next time you open the page you will be prompted for credentials.

You might also want to examine the cookie timeout setting.  
1. From IIS MMC, right click on your website and select Properties.  
2. Click on the ASP.Net tab
3. Click the Edit Configuration button
4. A new dialog box will display.  Select the Authentications tab.
5. You can select a timeout for your cookie in the Cookie TImeout dropdown box.  You can also over-type a custom value.

I think the default timeout is 15 or 30 minutes.  So, during your experimentation, you may be able to log in to the page, quit IE and continue not having to log.  Then the cookie will expire without your knowledge (15 or 30 minutes later) and leave you scratching your head wondering what you did wrong.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 15

Expert Comment

by:mattisflones
ID: 17871100
Timeout is allways 30 mins as default for cookies.

And, there is no saved cookie in this case, that you can see from the original Q.. "remember me does not work"..
0
 
LVL 6

Expert Comment

by:manicsquirrel
ID: 17871139
"remember me does not work"..

It was stated that if the browser is closed without logging out and the browser is  reopened that credentials aren't required.  This means the cookie is working.
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 17871159
No, it does not..
0
 
LVL 12

Assisted Solution

by:deanvanrooyen
deanvanrooyen earned 450 total points
ID: 17872278
in the web.config there are settings on the authenticate element that needs to be set to allow for persistant sessions. Also the last param in the following method is used to persist the cookie. Also I am sure default when not set to sliding experiation is 20 minutes?

eg
FormsAuthentication.RedirectFromLoginPage(UserEmail.Value, PersistCookie.Checked)
http://msdn2.microsoft.com/en-us/library/532aee0e(VS.80).aspx

I had fun and games with this and iis6 and asp.net 2.0, tried to override session timeout in iis with no luck but actually manually setting it in asp.net worked ok, eg in the global.asax in session  start or something like that.
0
 
LVL 27

Assisted Solution

by:Sammy Ageil
Sammy Ageil earned 450 total points
ID: 17872599
This is was reporter with june 2005 CPT. there is a work around for the issue but no resolution after all this time
see the report at http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=102143
the workaround at http://connect.microsoft.com/VisualStudio/feedback/Workaround.aspx?FeedbackID=102143

HTH
0
 

Author Comment

by:falahati_sina
ID: 17872719
Thanks for your comments...
I found the following comment: http://forums.asp.net/thread/1424012.aspx
Which suggests, that "remember me" on ASP.NET means actually "keep me logged in"...


"
I was convinced that this control was not working in my website -- but that was because I had a misconception of what was supposed to be happening.
Now, there's no guarantee that that is what's happening with others, they may well have other issues.

Here's what I expected to see:

I log into the website. Visit a page. Log out.

Next time I come back, my username and/or my password are "pre-filled" in the fields.


That didn't happen, of course. When I returned the fields were blank as the day I dropped them into the form.


But I listened to what Randy was saying and I thought, wait a sec... and I did a little testing.

What DOES happen for me (and I just tested it in both IE6 and FF) is that:


I log into the website. I don't log out of the website.

I log off Windows or reboot. I come back. I'm still logged in and go straight to the restricted page (which has a login name showing me I'm logged in) without stopping at the login.

If I uncheck the 'remember me' box and log off Windows (or presumably wait out the session) and then try to go to the restricted page, I have to log back in.


So what I'm going to do is change the "Remember me" caption to "Keep me logged in"...

Now, that might not be what's happening for others -- but it really got to the heart of my issue.      

So, thanks to Randy."

And ...


"If I check "Remember me" when I log in and don't explicitly log out, I  stay logged in beyond the end of the session, in IE 6 or FF, with cookies enabled. (I can reboot, etc, come back and still be logged into the website.)

However, if I log off the website, then I'm logged off, period. And the log in fields are, indeed, blank. (Of course, that's excluding any Firefox tricks.) "


Would you agree?

Thanks, Sina

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
Loops Section Overview
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question