c# .net - authentication expiring prematurely

Question

I am setting up the authentication cookie in c# as persistent and with an end date of one year from now, but it expires not too long after being set. The code is below...

DateTime endDate = new DateTime();
endDate = DateTime.Now.AddYears(1);

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                                                            username,
                                                            DateTime.Now,
                                                            endDate, 
                                                            true, 
                                                            userId.ToString(),
                                                            FormsAuthentication.FormsCookiePath);


string encryptedTicket = FormsAuthentication.Encrypt(ticket);

HttpCookie authCookie = new HttpCookie(
                       FormsAuthentication.FormsCookieName,
                       encryptedTicket);

authCookie.Expires = endDate;

Response.Cookies.Add(authCookie);

Any ideas?

Answer 1

I figured it out...when I was checking whether the the user was authenticated, I used the following code...

if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated)
{
     return true;
}

when I removed the first check (ie HttpContext.Current.User != null) it started working. Although I don't really understand how HttpContext.Current.User.Identity.IsAuthenticated could be true when HttpContext.Current.User null.

Either way, it works now, so no issue.