3

My web application authentication cookies times out after a day when I try to login again. I'm trying to access the application through a Nokia browser and Internet Explorer and both have the same behavior.

This is my Logon process:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                      Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

My web.config settings:

<forms loginUrl="~/consignment/Account/LogOn" timeout="2880" protection="All" name=".consignmentauthadmin"/>

I'm trying:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                     Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

I don't want the authentication to expire until I log off from the application. What am I doing wrong?

Improve this question
3
  • I do not see anything problematic, maybe you need to open your cookie and read it by your browser to see what data you have put on and if the date is the correct. Then maybe your browser delete it, or not find it. Commented Jul 19, 2010 at 8:55
  • I have read the cookie and this is the info I got back 8 hrs ago. cookie details: Expiration Date: 20/07/2011 12:00:00 a.m. Expired: False When I tried it again this morning the cookie had expired. The web application is running under a virtual directory so could it be that it might be picking up expiration from the root directory? Commented Jul 19, 2010 at 22:27
  • How read the cookie? in Server C#? or Client Javascript? Commented Apr 24, 2019 at 19:16

1 Answer 1

Reset to default
2

Try looking at your webserver IIS application pool, it has an "application refresh" which is setup by default. turn it off... that should fix your problem.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@ace did you get solution ?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.