Configurable signoff timeout.
-
I have an ASP.NET app that uses forms authentication. I would like to be able to have a configurable expiration on the sign-on time so that after the timeout expires, the user will be signed out. I tried a couple different things, but am hoping that someone can give me some additional help. Here is what I have tried so far and the problems that I have faced: 1. Setting the timeout value in the web.config entry. The downside is that I have not figured out how to change the timeout value dynamically. I need this to be configurable by the administrator logon of the web page. 2. Setting Session.Timeout and then calling FormsAuthentication.SignOut() in the Global.asax Session_End() event. This does not seem to work. The user remains signed-on when I navigate back to the protected page.
-
I have an ASP.NET app that uses forms authentication. I would like to be able to have a configurable expiration on the sign-on time so that after the timeout expires, the user will be signed out. I tried a couple different things, but am hoping that someone can give me some additional help. Here is what I have tried so far and the problems that I have faced: 1. Setting the timeout value in the web.config entry. The downside is that I have not figured out how to change the timeout value dynamically. I need this to be configurable by the administrator logon of the web page. 2. Setting Session.Timeout and then calling FormsAuthentication.SignOut() in the Global.asax Session_End() event. This does not seem to work. The user remains signed-on when I navigate back to the protected page.
Set the timeout value in your web.config file Set the timeout value in the session start method like this protected void Session_Start(Object sender, EventArgs e) { Session.Timeout = ConfigurationSettings.AppSettings["Timeout"]; } Try calling the FormsAuthentication.SignOut() method again in the Session_End method zimcoder What Democracy?? Jesus Christ is King and if you do not like... well you can go to hell!