I have a small website with about 10 members. 5 of those are now banned.
I have ensured that they cannot login through the login page.
However because the authentication cookie is persistent and is set to expire after a few months if they return to the site they will still be logged in.
A simple solution is just to expire all authentication tickets/cookies.
I set up forms authentication in my asp.net application, and everything works apparently without problems. However from time to time some of the users trying to log in inform me that suddenly they cannot enter anymore as their user seems to be deactivated. Even if they try the forgot password entry, they get "user not found" response, but if I check the user is still there, and according to asp.net configuration it is even active.The only solution I found until now to reactivate the user is to remove it and create it again, and then it works. But it cannot work like this of course.
View 5 RepliesHow to implement Forms Authentication using Cookies?
View 2 RepliesHow to implement Forms Authentication using Cookies against database?
View 3 RepliesHow to create login authentication page using cookies in ASP.NET with C#?
View 1 RepliesUsing this code i want to show an modal pop up to the user that "your session will be expired within 5 minutes , Click here [BUTTON] to reset your session" , here's my code :
<asp:Button ID="btnReset" Text="Reset" runat="server" OnClick="ResetSession" />
<br />
Your Session will expire in <span id = "seconds"></span> seconds.
<script type="text/javascript">
function SessionExpireAlert(timeout) {
var seconds = timeout / 1000;
seconds--;
[CODE]...
I have an asp.net site. Its a mixture of web forms and MVC2.
I have this on 2 different servers which I get to via different urls.
On one server authentication works fine via all browsers (IE 8, FF 3.6, Chrome)
On the other IE 8 fails, it doesn't send back the cookie on the request to the page after authenticating.
Using Fiddler I have seen that both sites attempt to set the cookie, in the response from the login page.
Response Header I see from both servers
Set-Cookie: DemandLaunch=CCA4...E79C2D1; path=/; HttpOnly
Both sites are in the internet zone of IE.
I'm at a loose for what to check now.
I also have a page that sets a cookie via c# code and that cookie fails in IE as well.
The IE issue is not on a single computer either. I see this failure on 4 different computers Internet Explorer.
My urls which I should have included were:
beta.[site].com - works
beta_[company].[site].com - fails
I'm trying to check the Expired property of the user's current FormsAuthenticationTicket to see if the authentication period has expired. But when the period has expired, I'm never able to get enough information to even create the ticket to check. I've tried this:
FormsIdentity id = (FormsIdentity)User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
But User is null when the authentication period has expired. So that won't work. I've tried this:
HttpCookie authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
But the Forms Cookie is gone when the authentication period has expired, meaning authCookie will be null. So that doesn't work.
Is there any way to actually get the FormsAuthenticationTicket object when the authentication period has expired? There must be, because there's an "Expired" property in the object.
i develope asp.net web site based on users authentication.
How can i promiss that user who logins to the site and closes and explorer, could reopen it and be connected without insert his user & password again.
I'm handling cookies using JavaScript to store some values in my asp.net web application.I use document.cookie to save some values (converted into a lengthy string). But i want that value to be accessible across all the pages in my application.When i try to get that value from a different page, i get the values pertaining to the document in the current URL.
In short i save the value in the cookie in http://myapp/doc1.aspx and want to retrieve it in http://myapp/doc2.aspx
So is document.cookie is pertaining to a single document scope? How can i save/read cookies across the site?
Update.This is how i get and set cookies
function getCookie(c_name)
{
try{ [code]...
But i'm getting different values for the cookies in different pages.
I have Form which is inserting data into database. After inserting always i am redirecting to the another page. But some time user hit back button and go to the same page which will ask for RETRY. If he/she press the RETRY button duplicate data will be inserted.
How i can complately expire the all form data so even if he hit back button the page will load complately fresh.
I need to redirect my application when there is no action for three minutes. I used session timed out period in the web config file. But When I am working with my content page its not working, because my content page is inside a update panel which is in the master page, so the content page not getting refresh at all, so the session expires.
View 7 RepliesOn my page the value of Response.Expire is not changing, even thou I gave a different value. I looked into the trace and every time the value remains the same. Is there a way to change the value and see the output on the page to know if it's getting changed to the new value?
View 1 RepliesIn my project I have the requirement as follows.sending a mail to registered users with sign in link details.After a certain period of time elapses, the signin link should not work when user clicks on it.
View 1 RepliesI want to expire a web page if the user hasn't worked with it for 100 seconds.
How to do that?
I am using the Forms Authentication in my application.
I have a master page and I have a default content page in the defaultUrl of the Forms Authentication. I am facing an issue: when the session expires the images and the css of the Master Page are not available.
How can I make the images available in the master page after the session expire?
I have been experimenting with code that will clear all of the cookies in an HttpContext.Response.Initially, I used this:
DateTime cookieExpires = DateTime.Now.AddDays(-1);
for (int i = 0; i < HttpContext.Request.Cookies.Count; i++)
{
HttpContext.Response.Cookies.Add(
new HttpCookie(HttpContext.Request.Cookies[i].Name, null) { Expires = cookieExpires });
}
this will error with an OutOfMemoryException because the for loop never exits - each time you add a cookie to the Response, it also gets added to the `Request.
I know that if I have set a cookie on a previous request, it will show up in my Request.Cookies collection. I want to update my existing Cookie. Are the cookies from my Request.Cookies collection already copied to my Response.Cookies collection? Do I need to add a new cookie with the same key using Response.Cookies.Add(), or do I need to use Response.Cookies.Set()?
View 1 RepliesI want when user press back button of browser.the web page should expire.
View 1 RepliesJust going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
View 3 RepliesI'm surprised i couldnt find any answers.
How do i set my sessionid in my cookie to expire at the end of session? (when the browser closes or the user has been inactive for a period of tie).
The two solutions i found were
(httpcookie).Expires = HttpContext.Current.Session.Timeout
Which gave me a compile error so i dont know if the user checked his code before posting. And the other was to set the expire date to 1 day ago which my gut says is wrong. How do i do this?
How do I set cookie expiration time in C#?
I want cookies to expire when the browser is closed. I found in many blogs that giving a previous date as the expiry date will cause the cookie to automatically expire, but that is not working in my case.
im getting problem with session, when i'm not idle and still using webpage thes session expires I am using VS 2005
View 2 RepliesI have the following in the web.config
<sessionState cookieName="ASP.NET_SessionId" cookieless="false" mode="InProc" timeout="1" regenerateExpiredSessionId="true"/>
however, after 1 min, the session won't expire.what can cause this?
There is a timeout for Session object of HttpSessionState that can be set. I want to see if we can make HttpApplicationState timeout too?
View 2 Replies