how to save ASP.NET_SessionId in custom membership providers

StackOverflow https://stackoverflow.com/questions/18961886

Question

I use the custom membership providers for my web site. and use this code for login:

private User SetupFormsAuthTicket(string userName, bool persistanceFlag)
    {
        User user;
        UsersContext usersContext = new UsersContext();
            user = usersContext.GetUser(userName);

        var userId = user.UserId;
        var userData = userId.ToString(CultureInfo.InvariantCulture);
        var authTicket = new FormsAuthenticationTicket(1, //version
                            userName, // user name
                            DateTime.Now,             //creation
                            DateTime.Now.AddMinutes(30), //Expiration
                            persistanceFlag, //Persistent
                            userData);

        var encTicket = FormsAuthentication.Encrypt(authTicket);
        Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
        return user;
    }

but i check cookie in my browser, just saved ASPXAUTH and not saved ASP.NET_SessionId

I want save ASP.NET_SessionId but persistanceFlag is true.

Was it helpful?

Solution

If you want to persist the authentication ticket, you need to explicitly set the cookie Expires same as authentication ticket expiration.

....

var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);

if (authTicket.IsPersistent)
{
    cookie.Expires = authTicket.Expiration;
}

Response.Cookies.Add(cookie);
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top