Last post Jan 02, 2006 05:17 PM by USFbobFL
Dec 19, 2005 11:13 PM|USFbobFL|LINK
Dec 20, 2005 04:58 AM|Xanderno|LINK
Dec 20, 2005 11:40 AM|USFbobFL|LINK
Dec 20, 2005 03:26 PM|Xanderno|LINK
Dec 21, 2005 01:58 AM|USFbobFL|LINK
Dec 21, 2005 09:34 AM|USFbobFL|LINK
even with the machine key, my site appears to lose track of this alleged cookie. this morning, I went back to my web site and I am not logged in. exactly what is this the point of the "remember me next time" checkbox? want to make a new wager?
Dec 21, 2005 05:25 PM|Xanderno|LINK
Well, the most likely possibility is that the cookie is disappearing from your machine.
Can you check your browser cache when you first login to the site to check that it's creating a persistant cookie, and check the expiration date on the cookie? IIRC, persistant forms authentication cookies were set to expire fifty years after the creation
date in ASP.Net 1.x by default, and I don't imagine that would have changed for ASP.Net v2, but it's worth checking the cookie on your machine to see what's happening.
Dec 23, 2005 08:38 PM|RichardMathis|LINK
Hmm, I had a similar issue, this seems to have been stealth-changed by the asp.net team, since I haven't seen anything regarding it. A half-dozen 2.0 apps that stubbornly refuse to persist their users later and I think I found it. :)
It used to be that when you persisted the cookie (in 1.1), the cookie would have an expiration date of 50 years, ignoring whatever was put in the timeout value in the web.config (or so I believe is how it worked or didn't work as it were).
Now it only uses the timeout value, and the timeout value defaults to 30 minutes. This is what makes it difficult to test, since you're likely to close all your browser windows and/or reboot since we know that it breaks any connection to what we (people
more used to 1.1) assume is a session problem, and if reopening the browser still logs us in, we assume the issue is fixed. Of course 30 minutes go by and then we're logged out again.
Regardless, the fix seems simple, just change the timeout value in your web.config. I set mine to 20160 for a 14 day sliding expiration after they last used the site.
I really think this should be part of the web admin, unless there is some hidden file somewhere that points this out, I would guess a lot of people have non-functioning persisting cookies.
Jan 02, 2006 05:17 PM|USFbobFL|LINK
Thanks, Richard. Your suggestion was the verified solution. After adding this to web.config, my cookie has persisted after 8 hours. I have no reason to belive that this post can be marked as resolved... for good this time.