In this web.config:
<authentication mode="Forms" >
<forms name=".COOKIEDEMO"
loginUrl="login.aspx"
protection="All"
timeout="30"
path="/"/>
</authentication>
<authorization>
<allow users="?" />
</authorization>
When the user is authenticated on login.aspx, the user is directed to
default.aspx.
Okay, does this mean that if I have default.aspx on the screen and walk
away for 31 minutes, and then come back and hit refresh, that I will be
directed back to login.aspx becaues my cookie has expired?
What if I delete my cookie during the 30 minutes? Or is the value held
on the server?
I ask because I deleted the cookie and refreshed the default.aspx page.
I was not redirected to login.aspx.
Thank you for helping me.john_20_28_2000@.yahoo.com wrote:
> <authorization>
> <allow users="?" />
> </authorization>
Could it be because you are allowing anonymous users? Shouldn't that line be
<deny users="?" />
Software is like sex: it's better when it's free -- [Linus Torvalds]
Fabio Marini - A+, RHCT, MCDBA, MCAD.NET
To reply: news [at] mamakin1976 [dot] plus [dot] com
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment