Costa
Reputation: 4095
Session timeout vs Form Authentication timeout
What is the difference between a abandon Session and a cookie timeout, what if the session is abandon and the cookie is still alive, is that can lead to a problem?
<sessionState timeout="1" />
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="1" />
</authentication>
Thanks
Upvotes: 3
Views: 721
Answers (1)
Brian Mains
Reputation: 50728
I don't believe that leads to a problem. Session timeout is specific to the session state mechanism, but for forms, the timeout is specific to the cookie that retains the user's credentials.
In an app of mine, the user is still logged in as the session times out, but once the auth cookie times out, the user has to log in again.
HTH.
Upvotes: 1
Related Questions
- Forms authentication timeout vs sessionState timeout
- Forms Authentication Timeout vs Session Timeout
- IIS Session Timeout vs ASP.NET Session Timeout
- ASP.NET Forms Authentication timeout
- Why set forms authentication timeout longer than session timeout?
- Differences in forms auth timeout and session timeout
- Form authentication timout is bigger then session timeout
- What is different between forms Authentication timeout vs session timeout in Asp.net application?
- sql sessionState time out vs forms authentication timeout
- Should a session timeout or a form authentication timeout log off the user?