R
Randall Parker
Does the SessionState timeout field in Web.config control how long a logged in
session will stay logged in?
For example, I want my users to be able to log in once during their work day and for
their log-ins to remain valid for 12 hours. Is this below the way to do it?
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="7200"
/>
(ignore the stateConnectionString and sqlConnectionString which I do not even
understand at this moment)
Does the timeout="7200" mean 7200 seconds from the time of logging in that the
Session object will be deleted from the ASP.Net server and hence that the user will
no longer be logged on?
Or, to put it another way: If the browser cookie lasts longer than the session object
does the user have to log back in if the session object expires but the browser
cookie still exists?
I want to add some setting to the session object and/or browser cookie that control
what fields are available on web pages based on what I find in a log-in database
table record when I check the username and password. Can I add those fields to the
cookie that gets created when the user logs in?
session will stay logged in?
For example, I want my users to be able to log in once during their work day and for
their log-ins to remain valid for 12 hours. Is this below the way to do it?
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="7200"
/>
(ignore the stateConnectionString and sqlConnectionString which I do not even
understand at this moment)
Does the timeout="7200" mean 7200 seconds from the time of logging in that the
Session object will be deleted from the ASP.Net server and hence that the user will
no longer be logged on?
Or, to put it another way: If the browser cookie lasts longer than the session object
does the user have to log back in if the session object expires but the browser
cookie still exists?
I want to add some setting to the session object and/or browser cookie that control
what fields are available on web pages based on what I find in a log-in database
table record when I check the username and password. Can I add those fields to the
cookie that gets created when the user logs in?