Forms Authentication session time? - General Information - ScreenConnect Remote Support Software User Forum

Welcome Guest

Search | Active Topics | Log In | Register

ScreenConnect Remote Support Software User Forum » Default » General Information » Forms Authentication session time?

Tag as favorite

Forms Authentication session time?

Options

Previous Topic Next Topic

bigdessert		#1 Posted : Thursday, December 08, 2011 4:25:20 AM
Rank: Advanced Member Joined: 9/14/2010 Posts: 458 Location: Minnesota		With forms authentication there seems to be no session expiration....am I right in thinking this? If I leave my browser up on my pc it will stay logged in all day long. I have noticed this especially on mobile. Android is a multitasking wizard and every time I open my browser on it, it says open forever. This in turn keeps me logged in forever. The only problem with this is if I were to lose my phone. Any thought of adding a session expiration for authentication?
Back to top		Report?

User Profile

Jake Morgan		#2 Posted : Thursday, December 08, 2011 4:51:37 AM
Rank: Administration Joined: 4/9/2010 Posts: 859		I think you can reconfigure forms auth in the web.config ... I'll look tomorrow.
Back to top		Report?

User Profile

bigdessert		#3 Posted : Thursday, December 08, 2011 5:56:36 AM
Rank: Advanced Member Joined: 9/14/2010 Posts: 458 Location: Minnesota		Thanks for checking into it.
Back to top		Report?

User Profile

Jake Morgan		#4 Posted : Thursday, December 08, 2011 3:37:09 PM
Rank: Administration Joined: 4/9/2010 Posts: 859		Your web.config probably has a section that looks like this: Code: <authentication mode="Forms"> <forms loginUrl="~/Login" defaultUrl="~/" timeout="525600" /> </authentication> 525600 is the expiration in minutes = 365 days = 1 year Here is the MSDN documentation: http://msdn.microsoft.co...s/library/1d3t3c61.aspx You can maybe set it to a lower value but turn sliding expiration on?
Back to top		Report?

User Profile

bigdessert		#5 Posted : Monday, December 12, 2011 1:24:07 AM
Rank: Advanced Member Joined: 9/14/2010 Posts: 458 Location: Minnesota		Jake Morgan wrote: Your web.config probably has a section that looks like this: Code: <authentication mode="Forms"> <forms loginUrl="~/Login" defaultUrl="~/" timeout="525600" /> </authentication> 525600 is the expiration in minutes = 365 days = 1 year Here is the MSDN documentation: http://msdn.microsoft.co...s/library/1d3t3c61.aspx You can maybe set it to a lower value but turn sliding expiration on? Jake this works good. I have changed the forms line to the below: Code: <forms defaultUrl="~/" loginUrl="~/Login" timeout="3600" slidingExpiration="true" /> This times out the session at 60 minutes. The only problem is it displays the login box that is similar to if you were using AD login, the popup one. Is there anyway to after this timeout period forward to the login page instead? Reading the MSDN page with the loginURL it seems like it should forward the browser, but this isn't happening.
Back to top		Report?

User Profile

Users browsing this topic
Guest

Tag as favorite

ScreenConnect Remote Support Software User Forum » Default » General Information » Forms Authentication session time?

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Watch this topic
Email this topic
Print this topic
RSS Feed

Normal
Threaded