Lifetime of persistent FormsAuth Cookies

A student asked me about the expiration time of the .ASPXAUTH cookie if you call FormsAuthentication.RedirectFromLoginPage(name, true).

This is not really new info, but i double checked on .NET 2.0 B2 – and tracked down the following line of code in System.Web.Security.FormsAuthentication.GetAuthCookie():

FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(2, userName, DateTime.Now, createPersistentCookie ? DateTime.Now.AddYears(50) : DateTime.Now.AddMinutes((double) FormsAuthentication._Timeout), createPersistentCookie, string.Empty, strCookiePath);

 

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s