Session timeout vs form authentication timeout
What is the difference between session opt-out and cookie timeout, what if the session refused and the cookie is still alive, could this cause the problem?
<sessionState timeout="1" />
<authentication mode="Forms">
<forms loginUrl="login.aspx" timeout="1" />
</authentication>
thanks
+2
a source to share
1 answer
I don't believe this leads to a problem. Session timeout is specific to the session state mechanism, but for forms, the timeout is specific to the cookie that stores the user's credentials.
In my application, the user is still logged as the session time, but after the auth cookie expires, the user has to login again.
NTN.
0
a source to share