stackoom
  简体   繁体   中英

ASPX auth cookie expiration time is always 30 minutes

 原文  2012-03-27 12:18:16       c#/ asp.net/ iis-7.5/ asp.net-4.0

Question

I have set the the cookie expiration time to 1 month but when I look the expiration timeout of .ASPXAUTH cookie in browser it says 30 minutes ahead from now. 

var ticket = new FormsAuthenticationTicket(1, "myname", DateTime.Now,
                                                        DateTime.Now.AddMonths(1), true, "test");
string ticketString = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketString)
                 {
                     Expires = DateTime.Now.AddMonths(1),
                     Path = FormsAuthentication.FormsCookiePath
                 };
HttpContext.Current.Response.Cookies.Add(cookie);

Can you let me know why the above code is behaving so, I want to change the expiration time but it is always coming 30 minutes.

3 answers

solution1
 4  2015-09-17 10:05:40

With the advice from the other answers I got to this link.

Apparently, in ASP.NET it checks the expiration in the Web.config and doesn't take the expiration from the cookie. So you need to add to the config file inside <system.web> : 

<authentication mode="Forms">
  <forms
 name=".ASPXAUTH"
 loginUrl="Login.cshtml" //your login page
 defaultUrl="Default.cshtml" //your default page
 protection="All" //type of encryption
 timeout="43200" //a month in minutes
 path="/"
 requireSSL="false"
 slidingExpiration="true" //Every refresh the expiration time will reset
 cookieless="UseDeviceProfile" //Use cookies if the browser supports cookies
 domain=""
 enableCrossAppRedirects="false">
    <credentials passwordFormat="SHA1" />
  </forms>
</authentication>

solution2
 4  2012-03-27 12:51:12

Do you require to set this timeout programmatically or is it ok to set it in configuration file? There is a timeout parameter, which indicates authentication cookie timeout: http://msdn.microsoft.com/en-us/library/1d3t3c61.aspx

Default value of this parameter is 30 minutes.

Best regards, Dmitry

solution3
 3  2012-03-27 13:01:51

Check you web.config file, there should be FORM entry under following element system.web -> authentication .

check the timeout property there, is it set to 30 minutes?

remove this form authentication tag from there.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Accessing cookie expiration time owin what is the default expiration time of a cookie ABP cookie expiration time issue User logged in using ADFS auth is getting redirected to ADFS server after 30 minutes of idle time c# Asp.net getting Cookie expiration time set in javascript always returns 01.01.0001 WebAPI token on Header - how to set 30 minutes expiration Cookie expiration time not working in C# change expiration auth cookie dynamically .net core identity how do I set cookie expiration time in user local time? How to stop extending cookie expiration time for ajax calls?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM