Forms Authentication question

[Stefano Mostarda]

Hi buddies,

I have a question.

I want to use the forms authentication in my web app.

My user login. The cookie is stored in the client machine and some
important information is stored in session variables.

What will happen if the user closes the browser and reopen to relog in
the application? I mean, the cookie is not expired yet so the login is
automatic, but, I have no session informations consequently my app
should fail (I assume).

Am I missing something or I have to create a workaround to bypass this
situation?

Thanks in advance

Stefano Mostarda
Rome Italy

 

[Saravana [MVP]]

What you can do is, in the session_end you can delete formauthentication
cookie by using signout method of formsauthentication.

 

[Mohammad A. Samara]

Don't persist the cookie.

FormsAuthentication.SetAuthCookie(userId.ToString(), false)

m.

 

[John Saunders]

Don't persist the cookie.

FormsAuthentication.SetAuthCookie(userId.ToString(), false)

The other thing you can do is to put in the cookie enough information to
reconstruct your Session data.