Handle end session for win authentication

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi
When we use forms authentication I set the time and a url for login page
after configured amount of time, via web.config.
But, what is the best practice to do it after configurable amount of time,
or after session end when it is a windows authentication
 
First thing to understand is that the forms authentication mechanism uses
a different cookie than session state. So those have two independent timeouts.
So regardless if you're using Forms or Windows authentication you have the
same problem of the session potentially timing out prior to the user logging
out (by losing the cookie or closing the browser). So, the way you code this
is you code defensively. Always check to see if the data you put into Session
is there and if it's not either refetch it (if you're using Session like
a Cache) or if it's truly volatile data (like a Shopping Cart) then you need
to deal with that contingency.

-Brock
DevelopMentor
http://staff.develop.com/ballen
 
Back
Top