FormsAuth and Sessions Troubles...
I'm having some trouble implementing Forms Authentication and using
If i just turn on Forms Auth and don't set up any roles (Don't setup a
GenericPrincipal, and dont assign the Context.User) everything works
fine. I can keep my Auth Cookie, and Session timed in sync and i have
NOW however as soon as i set a GenericPrincipal for my user and assign
Context.User to that principal everything goes to heck. It acts as
though my Auth Ticket doesn't expire... So what i get after i wait
20min (session timeout)is my session is dead, however in my
Application_AuthenticateRequest event, the auth cookie (that should've
expired) is available and i assign the principal... i don't get
redirected to my login page. Now when my pages load they try to access
a session variable, but Ooops, not there and i blow up.
In my AuthenticateRequest Event, i have :
Dim ticket As System.Web.Security.FormsAuthenticationTicket
Dim roles As String()
Dim formsID As FormsIdentity
Dim principal As GenericPrincipal
cook = Request.Cookies(System.Web.Security.FormsAuthentic ation.FormsCookieName)
If Not cook Is Nothing Then
roles = ticket.UserData.Split(roleDelimiter)
formsID = New FormsIdentity(ticket)
principal = New GenericPrincipal(formsID, roles)
Context.User = principal
--- Now if i comment out the "Context.User = principal" line it works
as i'd expect...
thanks for any help
|All times are GMT. The time now is 06:20 AM.|
Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.