TrialUser
asked on
Forms authentication ticket seems to expire pre-maturely and kick out the user
Although I set the timeout to 60 or 1440, it seems the user gets logged out in few minutes, may be 20-30 mts.
Any suggestions would be great.HOw canI start debugging this issue?
<sessionState mode="InProc" stateConnectionString="tcp ip=somethi ng" sqlConnectionString="data source=something;Trusted_C onnection= yes" cookieless="false" timeout="60" />
<forms name=".DSA" loginUrl="frmStartLogin.as px" defaultUrl="/frmStart.aspx " protection="All" timeout="1440" path="/" slidingExpiration="true" />
Dim tkt As FormsAuthenticationTicket
Dim cookiestr As String
Dim ck As HttpCookie
Dim intTimeoutMinutes As Integer = 1
Dim intRtn As Integer = 1
Try
'set cookie timout period based on isPersistent
If isPersistent Then
intTimeoutMinutes = 43200 '30 days
Else
intTimeoutMinutes = 60
End If
'create auth cookie
tkt = New FormsAuthenticationTicket( 1, strUserName, DateTime.Now(), DateTime.Now.AddMinutes(in tTimeoutMi nutes), isPersistent, strUserName)
cookiestr = FormsAuthentication.Encryp t(tkt)
ck = New HttpCookie(FormsAuthentica tion.Forms CookieName (), cookiestr)
If isPersistent Then
ck.Expires = tkt.Expiration
End If
ck.Path = FormsAuthentication.FormsC ookiePath( )
'write auth cookie to client PC
System.Web.HttpContext.Cur rent.Respo nse.Cookie s.Add(ck)
Catch ex As Exception
intRtn = -1
End Try
Any suggestions would be great.HOw canI start debugging this issue?
<sessionState mode="InProc" stateConnectionString="tcp
<forms name=".DSA" loginUrl="frmStartLogin.as
Dim tkt As FormsAuthenticationTicket
Dim cookiestr As String
Dim ck As HttpCookie
Dim intTimeoutMinutes As Integer = 1
Dim intRtn As Integer = 1
Try
'set cookie timout period based on isPersistent
If isPersistent Then
intTimeoutMinutes = 43200 '30 days
Else
intTimeoutMinutes = 60
End If
'create auth cookie
tkt = New FormsAuthenticationTicket(
cookiestr = FormsAuthentication.Encryp
ck = New HttpCookie(FormsAuthentica
If isPersistent Then
ck.Expires = tkt.Expiration
End If
ck.Path = FormsAuthentication.FormsC
'write auth cookie to client PC
System.Web.HttpContext.Cur
Catch ex As Exception
intRtn = -1
End Try
Why are you creating the cookies yourself? Forms authentication creates and manages the cookies for you.
ASKER
You mean just this would do it :
FormsAuthentication.SetAut hCookie(st rUserName, False) ?
FormsAuthentication.SetAut
ASKER
Ok, with my original code, it works in the local. However when I published it does not work in the production environment. The timeout does not take its minutes from the Web.config or what is set in the code.
Is there any setting in the IIS 7? Thanks
Is there any setting in the IIS 7? Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was getting this error :.
The error I got is :
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
The error I got is :
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
ASKER
<authentication mode="Forms">
<forms name=".DSA" loginUrl="frmStartLogin.as px" defaultUrl="/frmStart.aspx " protection="All" timeout="1440" path="/" slidingExpiration="true" />
</authentication>
<forms name=".DSA" loginUrl="frmStartLogin.as
</authentication>
Is that on a particular page or all pages? Do you have only one web.config in the whole of your site?
ASKER
There is only web.config file.
ASKER
I re-wrote the code. Stripped out the code where I create the forms authentication cookie and did this still does not work. Makes me think somethng is wrong in the IIS 7 configuration. Please suggest. I really need to get this resolved asap. Any help will be rgeatly appreciated, Thanks
FormsAuthentication.Redire ctFromLogi nPage(strU serName, isPersistent)
authentication mode="Forms">
<forms loginUrl="frmstartlogin.as px" name=".ASPXFORMSAUTH" defaultUrl="frmstart.aspx" path="/" timeout="35">
</forms>
</authentication>
<sessionState mode="InProc" stateConnectionString="tcp ip=127.0.0 .1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_C onnection= yes" timeout="20"/><sessionStat e mode="InProc" stateConnectionString="tcp ip=127.0.0 .1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_C onnection= yes" timeout="20"/>
FormsAuthentication.Redire
authentication mode="Forms">
<forms loginUrl="frmstartlogin.as
</forms>
</authentication>
<sessionState mode="InProc" stateConnectionString="tcp
subscribed
Have you try this
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket
(
1, // version
txtEmail.Text, // name
DateTime.Now, // issueDate
DateTime.Now.AddMinutes(30 ), // expiration
false, // isPersistent
roles, // userData
FormsAuthentication.FormsC ookiePath // cookiePath
);
Reference:
http://weblogs.asp.net/owscott/archive/2006/07/15/Forms-Authentication-Timeout.aspx
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket
(
1, // version
txtEmail.Text, // name
DateTime.Now, // issueDate
DateTime.Now.AddMinutes(30
false, // isPersistent
roles, // userData
FormsAuthentication.FormsC
);
Reference:
http://weblogs.asp.net/owscott/archive/2006/07/15/Forms-Authentication-Timeout.aspx
Hi,
Check the AppPool assigned for the website in the IIS.
Right Click on the assigned AppPool and click "Advanced Settings"
In that check for "Idle Timeout - Minutes" under the process Model..
Regards
Rajeesh
Check the AppPool assigned for the website in the IIS.
Right Click on the assigned AppPool and click "Advanced Settings"
In that check for "Idle Timeout - Minutes" under the process Model..
Regards
Rajeesh