Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Identify FormsAuthentication Timeout

Reply
Thread Tools

Identify FormsAuthentication Timeout

 
 
Allen Chen [MSFT]
Guest
Posts: n/a
 
      06-10-2009
Hi Richard,

>Hence my post for asking specfically about handlinge time outs without
>loosing data on the redirect.
>Maybe popup a logon page versus a redirect or something


I think Alexey Smirnov's suggestion a good way to solve this issue if you
want enable the timeout. You can store data in cookie (client side) or
database (server) or other places where the client can access later.

If you need a simple workaround, I think you can use JavaScript to popup a
new window to temporarily save data. If the timeout is 10 minutes you can
pop up a window after 9 minutes.

In main page, call this JS to popup window:

<script type="text/javascript">
function Popup()
{

var w = window.open("NewWindow.aspx?data=" +
document.getElementById("testinput").value);
}

</script>

<input id="testinput"></div>

Use settimeout if needed:

http://www.w3schools.com/htmldom/met_win_settimeout.asp

In the popup window, call this JS to fill data back:

<script type="text/javascript">
function FillData() {

window.opener.document.getElementById("testinput") .value =
GetQueryString("data");
}
function GetQueryString(ji) {
hu = window.location.search.substring(1);
gy = hu.split("&");
for (i = 0; i < gy.length; i++) {
ft = gy[i].split("=");
if (ft[0] == ji) {
return ft[1];
}
}
}

</script>
<input onclick="FillData();" value="Fill Data" />

Please let me know if it can resolve this issue and feel free to ask if you
have additional questions.

Regards,
Allen Chen
Microsoft Online Support

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
http://www.velocityreviews.com/forums/(E-Mail Removed).

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subs...#notifications.

Note: MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 2 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions. Issues of this
nature are best handled working with a dedicated Microsoft Support Engineer
by contacting Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/en-us/subs.../aa948874.aspx
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.




 
Reply With Quote
 
 
 
 
Joe Kaplan
Guest
Posts: n/a
 
      06-10-2009
The thing with a pop up login page is that you would need to implement that
with client side code. The server can only issue a redirect if a resource
is requested and authorization is denied. This is why I suggested a client
side change to implement something like this. Unfortunately, the server
can't really generate a popup because it just issues 302 redirects.

The only thing I can think of to help with this on the server side would be
to implement some sort of HTTP module that might detect that a POST request
was being redirected to the login page and somehow block that, but I still
think you'd need some client code changes to accomplish this. Perhaps the
data could be added to session and then after the user is redirected back to
the page it could be added into the page data during the GET request after
the login? That would certainly be more than 2 lines but might not be
horribly difficult. Most of the code would be involved with capturing the
raw form post data and adding back into the editable fields during the GET.
Just a thought.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"Chuck" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> We use the forms authentication timeout for security purposes. So coding
> to
> defeat the timeout using javascript or chaning the timeout value, would
> not
> be looked upon kindly.
>
> I have about 50 sites that use the same FormsAuthentication site, so
> rewriting 50 websites or chaning or methodology on any of them would be
> hugely expensive. Also it is somewhat repulsive to me to have to change a
> data access methodology when a possible two line coding solution could be
> available.
>
> Hence my post for asking specfically about handlinge time outs without
> loosing data on the redirect.
> Maybe popup a logon page versus a redirect or something
>


 
Reply With Quote
 
 
 
 
Allen Chen [MSFT]
Guest
Posts: n/a
 
      06-15-2009
Hi Chunk,

>Hence my post for asking specfically about handlinge time outs without
>loosing data on the redirect.
>Maybe popup a logon page versus a redirect or something


Have you solved this issue?

Regards,
Allen Chen
Microsoft Online Support

 
Reply With Quote
 
Chuck
Guest
Posts: n/a
 
      06-17-2009
nope

"Allen Chen [MSFT]" wrote:

> Hi Chunk,
>
> >Hence my post for asking specfically about handlinge time outs without
> >loosing data on the redirect.
> >Maybe popup a logon page versus a redirect or something

>
> Have you solved this issue?
>
> Regards,
> Allen Chen
> Microsoft Online Support
>
>

 
Reply With Quote
 
Allen Chen [MSFT]
Guest
Posts: n/a
 
      06-18-2009
Hi Chunk,

>nope


Could you tell me have you tried my code or the Silverlight approach? If so
why them cannot meet your requirement? Please let me know the reason so
that we can discuss further.

Regards,
Allen Chen
Microsoft Online Support

 
Reply With Quote
 
Chuck
Guest
Posts: n/a
 
      06-18-2009
Didn't see the Silverlight approach.
Can't use a javascript approach because of complex controls in the page.
 
Reply With Quote
 
Allen Chen [MSFT]
Guest
Posts: n/a
 
      06-19-2009
Hi Chunk,

>Didn't see the Silverlight approach.


The Silverlight approach is to use isolated storage (mentioned in my reply
to your another thread):

https://silverlight.net/blogs/msnow/...the-day-19-usi
ng-isolated-storage.aspx

>Can't use a javascript approach because of complex controls in the page.


Could you clarify what do you mean by "complex controls"? I think you can
write custom controls if needed to generate these JavaScripts. Then you can
reuse them in your all projects. To register JavaScript via custom control
please refer to this project:

http://cid-2fa13ebc6cc8e80f.skydrive.../RegisterClien
tScriptResource%7C_lvl%7C_300.zip

Regards,
Allen Chen
Microsoft Online Support


 
Reply With Quote
 
Allen Chen [MSFT]
Guest
Posts: n/a
 
      06-26-2009

Hi Chunk,

>Didn't see the Silverlight approach.
>Can't use a javascript approach because of complex controls in the page.


Have you solved this issue? Please don't hesitate to let me know if you
need further assistance.

Regards,
Allen Chen
Microsoft Online Support

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
formsauthentication timeout & session timeout =?Utf-8?B?Q3JhaWc=?= ASP .Net 1 08-10-2005 09:25 PM
FormsAuthentication cookies timeout tshad ASP .Net 8 01-14-2005 05:59 AM
Timeout::timeout and Socket timeout Mark Probert Ruby 1 10-06-2004 09:30 AM
FormsAuthentication doesn't redirect properly after timeout Danny ASP .Net 1 06-17-2004 03:19 PM
Meaning Of Timeout in FormsAuthentication??? .NET Follower ASP .Net 0 02-06-2004 01:24 PM



Advertisments