View Single Post
  #3 (permalink)  
Old August 17th, 2009, 10:48 PM
chobo2 chobo2 is offline
Friend of Wrox
 
Join Date: Sep 2007
Location: , , .
Posts: 169
Thanks: 7
Thanked 2 Times in 2 Posts
Default

Quote:
Originally Posted by Lee Dumond View Post
You need to set the expiration date of the cookie. You can do that in the web.config.

Code:
<system.web>
  <authentication mode="Forms">
    <forms loginUrl="Login.aspx"
           protection="All"
           timeout="20160"
           name=".ASPXAUTH" 
           path="/"
           requireSSL="false"
           slidingExpiration="false"
           defaultUrl="default.aspx"
           cookieless="UseDeviceProfile"
           enableCrossAppRedirects="false" />
  </authentication>
</system.web>
Here, the timeout is set to 20,160 minutes, which is 2 weeks. Whenever the cookie is set with a second parameter of true, this will set a persistent cookie with an expiration time of exactly two weeks from the time it was set.
but according to this site
http://weblogs.asp.net/scottgu/archi...08/430011.aspx

everytime they come to the site it gets rest. That means if they keep coming every day it keeps getting extended.