tags:

views:

2706

answers:

6
+7  Q: 

Extending Forms Authentication Timeout When Making AJAX Calls With jQuery

I'm looking to rewrite a pretty intensive CRUD type ASP.NET page to utilize ajax calls (specifically jQuery ajax). My concern in doing this is that the user may be on this page longer than the forms authentication timeout. Because of this, I'm thinking that I should extend the forms authentication ticket with each ajax call (basically how it does in a normal web forms submit model). So the questions:

Is this even a valid concern? If so, would writing a jQuery plugin to extend the forms authentication timeout be possible? Does one already exist? Would using ASP.NET AJAX be a better approach?

Any comments\help would be appreciated.

A: 

I don't think I completely understand what it is you're asking but in terms of the jquery ajax timeout, you can set the local timeout in the ajax call.

Example:

$.ajax('ajax.php',{timeout: 60000},function (data) {
alert(data);
}
Trick Jarrett  2008-12-22 18:51:23
The app is an ASP.NET that uses forms authentication. In traditional ASP.Net, the FormsAuth ticket is extended on postback. If I'm using AJAX, then I'm not doing a full postback and this ticket will never get extended if I don't do it explicitly (at least I think, hence the questions)
Godless667  2008-12-22 20:07:24
A: 

Use Fiddler or some other utility to see if Microsoft was smart enough to make sure the cookie gets updated between AJAX calls. You may have better luck (with regard to automatic updating of the forms auth tickeet) if you use Microsoft's baked-in asp.net AJAX (which is substantially similar).

Robert C. Barth  2008-12-22 23:15:18
+1  A: 

You should be able to use MS Ajax without the Script manager and use jQuery to consume the WebMethods. More info doing so here

As far as I know, calling a WebMethod will extend the user's session timeout. So this approach may be a best of both worlds.

Corey Downie  2008-12-23 14:41:46
A: 

Forms auth works via a cookie. Cookies are sent with XMLHttpRequest requests, so I don't think there's a problem here.

Note that there is an issue related to the FormsAuthTicket expiring, and being forced to redirect to login.aspx or some such. But that's an entirely different scenario than what you're talking about.

Mark Brackett  2008-12-23 15:05:01
+5  A: 

I can confirm that making a web service or page method call through jQuery will extend an ASP.NET session expiration in the same way that a regular postback will.

I often use a five minute setInterval() to call a "keep-alive" service, which will preserve the user's session indefinitely even if they leave the application idle.

Dave Ward  2008-12-23 19:08:58
A: 

Here is a blog post that might help.

sjb101  2009-10-16 11:44:08

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps