Reputation: 829
Session and user authentication using ASP Identity
I use Asp Identity for Authentication in MVC project, my problem is the session end and the user still authentication in some cases.
I set the time out of OWIN to 20 min on configuration
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = TimeSpan.FromMinutes(20),
SlidingExpiration = false,
})
its work after 20 min my session data and Owin is cleared.
but still problem in some cases :
when IIS reset the session clear but the user still authenticated .
when I build my solution on vs 2015 the session clear but the user still authenticated .
Upvotes: 0
Views: 2347
Answers (1)
Reputation: 38529
You're using DefaultAuthenticationTypes.ApplicationCookie - cookie authentication.
This is to be expected.. The cookie will live for 20 minutes (as per your configuration) then expire. It has nothing to do with Session
If you really want to tie your authentication to a session, see here: https://stackoverflow.com/a/11420005/131809
I would suggest using an ActionFilter in place of a base class though (as mentionedi n one of the comments)
Upvotes: 2
Related Questions
- Identity Claim Timeout
- EF throws AspNetUsers error after Owin Authorization timeout
- How to set TimeOut for OwinContext in MVC 5
- Session timeout owin in MVC 4 after 5 minutes
- Authentication session timeout
- ASP.NET Identity Session Timeout
- ASP.NET Identity user is logged out after 30 minutes
- ASP.NET MVC 4 Session timeout
- IIS Session timeout and Forms Authentication loop
- Session and Authentication Timeout don't work