+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / Login & Sessionstate

Login & Sessionstate

4 posts, 0 answered
  1. Shawn Davis
    Shawn Davis avatar
    81 posts
    Registered:
    13 Oct 2012
    28 Jul 2010
    Link to this post
    I've noticed that when my session expires the login control still shows me logged in.  Are they at all related or will I just stay logged in until I log out?

    Thanks!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    29 Jul 2010
    Link to this post
    Hello Shawn Davis,

    We use FormsAutnetication and its property - timeout. Forms authentication timeout value  is 30 minutes by default.  Aafter 30 minutes of inactivity, a user will be prompted to login again. Everytime they hit the site the 30 minute window clock gets reset. FormsAuthenticationTicket expires within 24 hours.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Shawn Davis
    Shawn Davis avatar
    81 posts
    Registered:
    13 Oct 2012
    10 Aug 2010
    Link to this post
    After 30 minutes of inactivity my session variable are empty, but if I then navigate to a page that requires special rights I can still do it - I'm still logged in.  How can I get the user to be logged out when the session expires?

    Thanks.
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    10 Aug 2010
    Link to this post
    Hi Shawn Davis,

    You can remove the authentication cookie or change the FormsAutnetication timeout attribute. Another option is creating a custom login where you set the Expiration of the cookie when the a user has been logged in.

    sample code.

    FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
              DateTime expiration = ticket.Expiration;
              if (newTimeout > 0)
                  expiration = DateTime.Now.AddMinutes(newTimeout);
               
              FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version,
                  ticket.Name,
                  ticket.IssueDate,
                  expiration,
                  ticket.IsPersistent,
                  userData,
                  ticket.CookiePath);
     
              if (ticket.IsPersistent)
              {
                  cookie.Expires = newTicket.Expiration;
              }
              cookie.Value = FormsAuthentication.Encrypt(newTicket);



    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Register for webinar
4 posts, 0 answered