asp.net authentication mode=“Forms” timeout not working

Question

I strucked with this problem for past 2 days. My MVC project is using the form authentication. I set the timeout as 1 min (just for testing). It sucessfully get timeout. Because after one minute pages not working. But i need to redirect to my login page. I gave login url in form authentication. But it won't works. Any body please suggest me the solution for this problem. The code as follows

<authentication mode="Forms">

<forms loginUrl="~/Login/Login" path="/" timeout="1" protection="All" />

</authentication>

The error shows in the following code when get timeout. By this error only i found that the timeout will be occur successfully but the redirection is only in a problem.

public ActionResult Employee()
        {



            mod.StateDetails = objentity.ExecuteFunction<GetStateDetails_Result>("GetStateDetails").ToList();
            List<ObjectParameter> lstParam = new List<ObjectParameter>();
            int Divsion = Convert.ToInt32(logmodel.getDivisionId().ToString());
            ObjectParameter objparam5 = new ObjectParameter("Division", Divsion);
            lstParam.Add(objparam5);
            mod.custinfo = objentity.ExecuteFunction<GetCustomerInfoByDivision_Result>("GetCustomerInfoByDivision", lstParam.ToArray()).ToList();
            mod.SkillInfo = objentity.ExecuteFunction<GetSkillInfo_Result>("GetSkillInfo").ToList();
            mod.DivisionDetails = objentity.ExecuteFunction<GetDivisionDetails_Result>("GetDivisionDetails").ToList();
            int roleid = Convert.ToInt32(logmodel.getRoleId().ToString());
            mod.RoleId = roleid;
            return View(mod);
        }

Thanks in Advance

Answer 1

You have to decorate your controller action with the [Authorize] attribute if you want the user to be redirected when accessing a controller action that requires authentication:

[Authorize]
public ActionResult Employee()
{
    mod.StateDetails = objentity.ExecuteFunction<GetStateDetails_Result>("GetStateDetails").ToList();
    List<ObjectParameter> lstParam = new List<ObjectParameter>();
    int Divsion = Convert.ToInt32(logmodel.getDivisionId().ToString());
    ObjectParameter objparam5 = new ObjectParameter("Division", Divsion);
    lstParam.Add(objparam5);
    mod.custinfo = objentity.ExecuteFunction<GetCustomerInfoByDivision_Result>("GetCustomerInfoByDivision", lstParam.ToArray()).ToList();
    mod.SkillInfo = objentity.ExecuteFunction<GetSkillInfo_Result>("GetSkillInfo").ToList();
    mod.DivisionDetails = objentity.ExecuteFunction<GetDivisionDetails_Result>("GetDivisionDetails").ToList();
    int roleid = Convert.ToInt32(logmodel.getRoleId().ToString());
    mod.RoleId = roleid;
    return View(mod);
}

The Authorize attribute will verify if the user supplied a valid authentication cookie and if not redirect him to the Login page that you specified in your web.config file.