tags:

views:

278

answers:

1
+2  Q: 

membership timeout and session timeout

I need to set memebership timeout to be less than session timeout to avoid using the membership and the login session is expired, this is a problem that i face in my asp.net application that i am using login control and when the user send a comment and the login control session is expired it should not accept the comment and i knew later that i have to make membership timeout expire before login control session expiration.

So how can i make membership timeout to expire b4 session expiration??

Thanks in advance

+3  A: 

You could set the timeout for the session and authentication cookies:

<authentication mode="Forms">
  <forms
    loginUrl="/login.aspx"
    requireSSL="true"
    protection="All"
    timeout="15"
    domain="example.com"
    slidingExpiration="true"
    name="auth_cookie" />
</authentication>

and the session:

<system.web>
    <sessionState 
      mode="InProc"
      cookieless="false"
      timeout="20" />
</system.web>
Darin Dimitrov  2009-12-06 12:24:41

related questions

after running aspnet_regsql.exe , do I have to init the db with data? how?
Not using e-mail address in a custom MembershipProvider?
How to pass the current user to a web control declaratively
How do you rename a Role using Membership in .NET?
What encryption algorithm does the .net membership provider use?
Membership.GetUser() & MARS
Web.config editing for Membership Role Authorization
Globalization of Membership exceptions isn't taking place... What to do?
OpenId development while disconnected from Internet
programmatic login with .net membership provider
Addin extra properties to MembershipProvider
ASP.Net Providers from web server in DMZ
ASP.NET PasswordRecovery Control with Localized content
Examples of asp.net mvc and authentication
ASP.NET Membership for high security scenarios?
ASP.NET Forms Authentication With Only UserName
What to use for membership in ASP.NET
How can I wrap a transaction around Membership.CreateUser?
New site creation and security/authentication,- should I use ASP.net Membership Provider?
ASP.NET WSAT (Website Administration Tool) and Custom Membership Providers
How do you manage asp.net SQL membership roles/users in production?
How to access UserId in ASP.NET Membership without using Membership.GetUser() ?
Can I use OpenId with the ASP MembershipProvider?
How do you pass an authenticaticated session between app domains
Class design decision