tags:

views:

49

answers:

1
+2  Q: 

ASP.NET authentification session

i have many sites under one asp.net forms authentification, they have mixed frameworks, some have 2.0 some 4.0. but it is all fine. everything works fine. but!!

here part of my web.config:

<authentication mode="Forms" ><forms loginUrl="../web/start_page/start_page.aspx"
    name=".ASPXFORMSAUTH" 
    protection="All"  
    path="/" 
    timeout="60" /></authentication>  
<machineKey
  validationKey="blablabla"
  validation="SHA1" />
<sessionState mode="InProc" stateNetworkTimeout="3600" />

Sometimes, after random time, for example two minutes, session on client ends, and he has again to enter password, why?? what am i missing?

Event Viewer shows:

Event code: 4005 
Event message: Forms authentication failed for the request. Reason: The ticket supplied    has expired. 
Event time: 21.09.2010 8:23:26 
Event time (UTC): 21.09.2010 4:23:26 
Event ID: e3a00bef332a4dec9cd1aa078a3d5aa4 
Event sequence: 277 
Event occurrence: 1 
Event detail code: 50202
+1  A: 

its because session time out event occurs so you need to increase your session time something like this 

<configuration>
  <sessionstate 
      mode="inproc"
      cookieless="false" 
      timeout="20" 
      sqlconnectionstring="data source=127.0.0.1;user id=<user id>;password=<password>"
      server="127.0.0.1" 
      port="42424" 
  />
</configuration>

Timeout. This option controls the length of time a session is considered valid. The session timeout is a sliding value; on each request the timeout period is set to the current time plus the timeout value

Pranay Rana  2010-09-21 05:46:57
so i have timeout=60, why doesnt it fits?
eba  2010-09-21 05:50:18
@eba -- check the timeout propety on more detail on msdn to increase your time out
Pranay Rana  2010-09-21 05:55:07
sessionstate config has nothing to do with forms authentication cookie timeouts.
RPM1984  2010-09-21 06:09:36
@RPM1984 - as per me he gets logged out because of session time out only form the site
Pranay Rana  2010-09-21 06:25:16
i dont understand your comment, sorry. the point im trying to make is session is server-side (adding a shopping cart, session["cart"] = cart;). the expiry of this item is done by your above answer. but forms auth cookie is client-side, the expiry is done by forms timeout=60, which he has. forms authentication cookie != session.
RPM1984  2010-09-21 06:42:45

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?