stackoom
  简体   繁体   中英

.net Session and user cookie persistent authentication

 原文  2010-12-18 20:55:07       .net/ authentication/ session-cookies

Question

Here is the scenario:

A user is logged on and a Session has been created on the server along with an authentication cookie on the client side.

The Session timeout is set to 20 minutes.

After 25 minutes of inactivity the user goes back onto the website, so his Session does not exist anymore but the authentication cookie still exists.

Based on the cookie what's the best and secured way to allow the user to get signed in automatically...

Thanks in advance for any help.

1 answers

solution1
 0  2010-12-18 21:00:47

First, sign on automatically, should be a option, some users doesn't want it.

Second, if the user has that option active and the authentication cookie still exists you only need to create a new session. You don't need to really authenticate the user, just give him a cookie. :-P.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Persistent Auth cookie in .net core 2.0 IIS 6/.Net 2:How can user A get the user cookie for unrelated user B who is in a different session and on another box? ASP.NET Authentication cookie Share Authentication Cookie between .net 4x and .net 5 app - Accessing the User ClaimsPrinciple Asp.net persistent login cookie expires randomly Sharing .NET session/authentication with Flex .NET forms authentication cookie not accessible in another application Custom ASP.NET Core Cookie Authentication Upgrading cookie authentication in a SPA to .NET Core 2.0 Handling User Authentication in .NET?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM