«

Hi all,

For reasons I would rather not go into, I sometimes need to get the value of
the forms authentication cookie and use it later when submitting another
request to the server.

mostly this works fine but sometimes it seems that the server decides to
change the forms authentication cookie (in contrast to the session cookie
which stays the same the whole time the session is in existence).

note that this is not happening because the authentication timeout has
expired. I am still logged on as the same user and have the same session;
it's just that the cookie value has changed.

Can anyone explain why and how this happens, and if there is any way I can
control (or disable) this behaviour?

TIA

Andy

Hello Andy,

FormsAuth issues a new cookie after timeout/2. That's the behaviour when
you have sliding expiration enabled.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi all,
>
> For reasons I would rather not go into, I sometimes need to get the
> value of the forms authentication cookie and use it later when
> submitting another request to the server.
>
> mostly this works fine but sometimes it seems that the server decides
> to change the forms authentication cookie (in contrast to the session
> cookie which stays the same the whole time the session is in
> existence).
>
> note that this is not happening because the authentication timeout has
> expired. I am still logged on as the same user and have the same
> session; it's just that the cookie value has changed.
>
> Can anyone explain why and how this happens, and if there is any way I
> can control (or disable) this behaviour?
>
> TIA
>
> Andy
>

Thanks Dominick.

I knew it re-sent the cookie after half the timeout but I didn't realise it
would generate a new one.

"Dominick Baier [DevelopMentor]" <>
wrote in message news:.. .
> Hello Andy,
>
> FormsAuth issues a new cookie after timeout/2. That's the behaviour when
> you have sliding expiration enabled.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
>> Hi all,
>>
>> For reasons I would rather not go into, I sometimes need to get the
>> value of the forms authentication cookie and use it later when
>> submitting another request to the server.
>>
>> mostly this works fine but sometimes it seems that the server decides
>> to change the forms authentication cookie (in contrast to the session
>> cookie which stays the same the whole time the session is in
>> existence).
>>
>> note that this is not happening because the authentication timeout has
>> expired. I am still logged on as the same user and have the same
>> session; it's just that the cookie value has changed.
>>
>> Can anyone explain why and how this happens, and if there is any way I
>> can control (or disable) this behaviour?
>>
>> TIA
>>
>> Andy
>>
>
>
>