A
Alex
hi,
I have implemented forms authentication and it is woking well however I am
experiencing a slightly frustrating problem.
The "Admin" directory of my site is password protected, however if a user
successfully logs in to this section then will see a small menu at the top
of the page on
ANY page they are logged into, even it is outside the "Admin" directory.
Basically if you are an admin you see this menu and if you are not you
don't.
I achieve this with the following code
Dim encTicket As String
Dim ticket As System.Web.Security.FormsAuthenticationTicket
Dim currentUsername
Dim cookie As System.Web.HttpCookie
cookie =
Request.Cookies(System.Web.Security.FormsAuthentication.FormsCookieName)
If cookie Is Nothing Then
'The user is not logged in so do not display the menu
MenuLabel.Visible = False
Else
encTicket = cookie.Value
ticket =
System.Web.Security.FormsAuthentication.Decrypt(encTicket)
currentUsername = ticket.Name
MenuLabel.Visible = True
End If
Now if a user logs in successfully and the has no activity on the client for
a certain period they are logged out and have to log back in again. This
also wors fine.
However if the user has been logged out the above code still thinks that the
user is still logged in. I guess the cookie is still on the client although
it has probabally expired.
My question is what would I have to add to the above code to determine that
the cookie has not expired.
cheers
Alex.
I have implemented forms authentication and it is woking well however I am
experiencing a slightly frustrating problem.
The "Admin" directory of my site is password protected, however if a user
successfully logs in to this section then will see a small menu at the top
of the page on
ANY page they are logged into, even it is outside the "Admin" directory.
Basically if you are an admin you see this menu and if you are not you
don't.
I achieve this with the following code
Dim encTicket As String
Dim ticket As System.Web.Security.FormsAuthenticationTicket
Dim currentUsername
Dim cookie As System.Web.HttpCookie
cookie =
Request.Cookies(System.Web.Security.FormsAuthentication.FormsCookieName)
If cookie Is Nothing Then
'The user is not logged in so do not display the menu
MenuLabel.Visible = False
Else
encTicket = cookie.Value
ticket =
System.Web.Security.FormsAuthentication.Decrypt(encTicket)
currentUsername = ticket.Name
MenuLabel.Visible = True
End If
Now if a user logs in successfully and the has no activity on the client for
a certain period they are logged out and have to log back in again. This
also wors fine.
However if the user has been logged out the above code still thinks that the
user is still logged in. I guess the cookie is still on the client although
it has probabally expired.
My question is what would I have to add to the above code to determine that
the cookie has not expired.
cheers
Alex.