asp forms authentication

1 view
Skip to first unread message

Thom Shannon

unread,
Aug 4, 2008, 8:25:55 AM8/4/08
to liverpoolus...@googlegroups.com
I always seem to have real trouble getting it to stay logged in, the
"remember me" check never works at all.

Anyone else had these problems?

Paul Kinlan

unread,
Aug 4, 2008, 9:02:34 AM8/4/08
to liverpoolus...@googlegroups.com
Whats the time-out value for the forms authentication?

Paul

2008/8/4 Thom Shannon <th...@glow-internet.com>

Paul Kinlan

unread,
Aug 4, 2008, 9:06:31 AM8/4/08
to liverpoolus...@googlegroups.com
Also, it won't work if your app is on iis6 and is set to recycle, I think the machine key changes causing your saved cookie to be invalid.

Paul.

2008/8/4 Paul Kinlan <paul....@gmail.com>

Michael James

unread,
Aug 4, 2008, 9:10:45 AM8/4/08
to liverpoolus...@googlegroups.com
If remember me is important, set a static machine key in the app's
web.config. You also need to do this if you are doing a cross app
cookie for single sign on etc.

<machineKey validationKey="[put a key here]"
decryptionKey="[put a key here]"
validation="SHA1" decryption="Auto" />

2008/8/4 Paul Kinlan <paul....@gmail.com>:

--
Regards,

Michael James
m. 07793-113-556
e. mi...@mjjames.co.uk
twitter. mjjames

Paul Kinlan

unread,
Aug 4, 2008, 9:13:27 AM8/4/08
to liverpoolus...@googlegroups.com
ignore that last email.  I am not sure if it changes per reset, only per application if it AutoGenerate,IsolateApps

2008/8/4 Paul Kinlan <paul....@gmail.com>

Paul Kinlan

unread,
Aug 4, 2008, 9:14:12 AM8/4/08
to liverpoolus...@googlegroups.com
I can't recall if this is for web farm scenarios or in general.

2008/8/4 Michael James <mike.jo...@gmail.com>

Thom Shannon

unread,
Aug 4, 2008, 9:59:19 AM8/4/08
to liverpoolus...@googlegroups.com
its on the default 30 mins

i'll have a play with that machine key, cheers
--
*** OPEN COFFEE - http://upcoming.yahoo.com/event/833196/ ***

Terms & Conditions Apply: http://www.glow-internet.com/home/terms.aspx

Glow New Media
t: 0151 707 9770
m: 07730 987 574
www.glow-internet.com

Suite 712 Gostins Building
32-36 Hanover Street
Liverpool
L1 4LN

Map: http://tinyurl.com/2f5nxd

Paul Kinlan

unread,
Aug 4, 2008, 10:03:13 AM8/4/08
to liverpoolus...@googlegroups.com
I take it they don't even last 30 minutes, it would make sense if that it might be the machine key if it is restarted every time your app is reset.

Are the cookies on the new request that you send to the server?

2008/8/4 Thom Shannon <th...@glow-internet.com>

Thom Shannon

unread,
Aug 4, 2008, 10:14:24 AM8/4/08
to liverpoolus...@googlegroups.com
the session cookie is always there, just stops being valid.

It really drives me crazy locally debugging, I'd understand if it just did it when I stopped and started debugging, but it just seems to randomly log me out after a few requests.

Paul Kinlan

unread,
Aug 4, 2008, 10:43:26 AM8/4/08
to liverpoolus...@googlegroups.com
We had an issue where we got random log outs a while ago, but it was to do sessionIDManagerType in the session part of the web.config, our session cookie was encrypted and we didnt have anything to un-decrypt it in asp.net until we added the sessionIdManagerType.

Is the auth cookie there, as that is what handles the login?  The session cookie is for your current session.

Paul.

2008/8/4 Thom Shannon <th...@glow-internet.com>

Paul Kinlan

unread,
Aug 7, 2008, 6:38:52 AM8/7/08
to liverpoolus...@googlegroups.com
Thom, Did you manage to sort it out?

2008/8/4 Paul Kinlan <paul....@gmail.com>

Thom Shannon

unread,
Aug 7, 2008, 12:10:42 PM8/7/08
to liverpoolus...@googlegroups.com
Yeah cheers Paul, there were a few weird things going on with user objects being put in the session but it's all working fine now.
Reply all
Reply to author
Forward
0 new messages