I have a testproject and the forms timeout specified in web.config overrules the timeout which I set in FormsAuthenticationTicket. According the documentation, the timeout (expire date) in FormsAuthenticationTicket must override the timeout in web.config.
Documentation found on: http://support.microsoft.com/kb/910443
If the ticket is generated manually by using the FormsAuthenticationTicket class, the time-out can be set through the Expiration attribute. This value will override the timeout attribute value specified in configuration files.
Here is my code:
Web.config:
<authentication mode="Forms">
<forms
timeout="1"
loginUrl="login.aspx"
name="sessionTest"
cookieless="UseCookies"
defaultUrl="default.aspx"
/>
</authentication>
Login.aspc.cs:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(Login1.UserName, false, 2);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
Response.Cookies.Add(cookie);
// redirect user
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);
Now, when I login, i get redirected after 1 minute of inactivity. This isn't supposed to happen, right? I have to be redirected after 2 minutes.
Someone can explain this?