Reputation: 682
Form authentication timout is bigger then session timeout
I am implementing site with login via facebook. I call FormsAuthentication.SetAuthCookie(response.email, true); after facebook authenticates user.
Form authentication timeout is set to 129600 (3 month).
Should i set session timeout to the same value? As far as I understand session timeout should be as few as possible.
Is it normal if session timeout less then form timeout? (for example form 129600 session 30)
I know that there are many similar questions, but this problem isn't clear for me.
Thanks.
Upvotes: 0
Views: 696
Answers (1)
Reputation: 68400
You're using cookies for authentication, your server session doesn't matter. A potential problem is that if you store data on Session object and it expires, that could cause troubles to user since functionality depending on this data would probably fail.
If you handle server Session expiration properly, you won't have any problem.
Upvotes: 2
Related Questions
- Timeout not working in ASP.Net MVC FormsAuthentication
- forms timeout issue in asp.net mvc
- Forms Authentication Timeout Being Ignored
- What are possibilities that <sessionState> timeout is ignored when using forms authentication?
- ASP.NET MVC 4 Session timeout
- MVC session expiring but not authentication
- Incorrect forms authentication timeout
- Why is Session State timeout overriding Forms Authentication timeout in my MVC3 application?
- Forms Authentication Timeout Logging
- asp.net forms authentication timing out after 1 minute