I'm using ASP.NET membership provider for the first time in a web application so I'm not extremely familiar with all of it's inner workings.
I basically have 2 issues...
1) I'm not sure how long a user is supposed to stayed logged in by default, but the login doesn't ever seem to expire. How is this configured?
2) When a login is expired, or when a user logs out, how do I make it force the user back to the login page? Do I have to write code for this or is there a way to set it up in the web.config so it will happen automatically.