Solved

ASP.NET 2.0 Login Control - Remember password not working?

Posted on 2006-11-03
9
470 Views
Last Modified: 2009-12-16
We have built an ASP.NET application, where we use the standard ASP.NET 2.0 Login control.

When I checkmark the "remember my password" within the login control, the Web-page still does not remember me... I am using Internet Explorer 6.0.
What is this checkmark thought to do, and where lies my problem.

Actually, when I checkmark this and close my web-page without logging out I need not to login again when opening page in another Internet Explorer, but this "remembering" seems to me somehow strange... What should happen, or where could lay my mistake.

Thanks,

Sina Falahati

0
Comment
Question by:falahati_sina
9 Comments
 
LVL 15

Expert Comment

by:mattisflones
ID: 17870534
This control uses cookies, do you allow that?
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 17870557
"Actually, when I checkmark this and close my web-page without logging out I need not to login again when opening page in another Internet Explorer"

Try closing all IE windows, and you should experience something totally different.. The session state gets preserved even if you close the one window.
0
 
LVL 6

Accepted Solution

by:
manicsquirrel earned 200 total points
ID: 17871065
When Forms authentication is used, the login state is maintained in a cookie.  If you quit IE without loggin out, you are still "logged in" until the cookie times out.  If you log out, the next time you open the page you will be prompted for credentials.

You might also want to examine the cookie timeout setting.  
1. From IIS MMC, right click on your website and select Properties.  
2. Click on the ASP.Net tab
3. Click the Edit Configuration button
4. A new dialog box will display.  Select the Authentications tab.
5. You can select a timeout for your cookie in the Cookie TImeout dropdown box.  You can also over-type a custom value.

I think the default timeout is 15 or 30 minutes.  So, during your experimentation, you may be able to log in to the page, quit IE and continue not having to log.  Then the cookie will expire without your knowledge (15 or 30 minutes later) and leave you scratching your head wondering what you did wrong.
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 17871100
Timeout is allways 30 mins as default for cookies.

And, there is no saved cookie in this case, that you can see from the original Q.. "remember me does not work"..
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 6

Expert Comment

by:manicsquirrel
ID: 17871139
"remember me does not work"..

It was stated that if the browser is closed without logging out and the browser is  reopened that credentials aren't required.  This means the cookie is working.
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 17871159
No, it does not..
0
 
LVL 12

Assisted Solution

by:deanvanrooyen
deanvanrooyen earned 150 total points
ID: 17872278
in the web.config there are settings on the authenticate element that needs to be set to allow for persistant sessions. Also the last param in the following method is used to persist the cookie. Also I am sure default when not set to sliding experiation is 20 minutes?

eg
FormsAuthentication.RedirectFromLoginPage(UserEmail.Value, PersistCookie.Checked)
http://msdn2.microsoft.com/en-us/library/532aee0e(VS.80).aspx

I had fun and games with this and iis6 and asp.net 2.0, tried to override session timeout in iis with no luck but actually manually setting it in asp.net worked ok, eg in the global.asax in session  start or something like that.
0
 
LVL 27

Assisted Solution

by:Sammy
Sammy earned 150 total points
ID: 17872599
This is was reporter with june 2005 CPT. there is a work around for the issue but no resolution after all this time
see the report at http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=102143
the workaround at http://connect.microsoft.com/VisualStudio/feedback/Workaround.aspx?FeedbackID=102143

HTH
0
 

Author Comment

by:falahati_sina
ID: 17872719
Thanks for your comments...
I found the following comment: http://forums.asp.net/thread/1424012.aspx
Which suggests, that "remember me" on ASP.NET means actually "keep me logged in"...


"
I was convinced that this control was not working in my website -- but that was because I had a misconception of what was supposed to be happening.
Now, there's no guarantee that that is what's happening with others, they may well have other issues.

Here's what I expected to see:

I log into the website. Visit a page. Log out.

Next time I come back, my username and/or my password are "pre-filled" in the fields.


That didn't happen, of course. When I returned the fields were blank as the day I dropped them into the form.


But I listened to what Randy was saying and I thought, wait a sec... and I did a little testing.

What DOES happen for me (and I just tested it in both IE6 and FF) is that:


I log into the website. I don't log out of the website.

I log off Windows or reboot. I come back. I'm still logged in and go straight to the restricted page (which has a login name showing me I'm logged in) without stopping at the login.

If I uncheck the 'remember me' box and log off Windows (or presumably wait out the session) and then try to go to the restricted page, I have to log back in.


So what I'm going to do is change the "Remember me" caption to "Keep me logged in"...

Now, that might not be what's happening for others -- but it really got to the heart of my issue.      

So, thanks to Randy."

And ...


"If I check "Remember me" when I log in and don't explicitly log out, I  stay logged in beyond the end of the session, in IE 6 or FF, with cookies enabled. (I can reboot, etc, come back and still be logged into the website.)

However, if I log off the website, then I'm logged off, period. And the log in fields are, indeed, blank. (Of course, that's excluding any Firefox tricks.) "


Would you agree?

Thanks, Sina

0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
Today is the age of broadband.  More and more people are going this route determined to experience the web and it’s multitude of services as quickly and painlessly as possible. Coupled with the move to broadband, people are experiencing the web via …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now