Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationForms authentication non-persistent cookiesForms authentication non-persistent cookies
Previous
 
Next
New Post
9/11/2014 11:12 AM
 
Mike Schmidt


Joined: 9/11/2014
Posts: 1

I'm having a problem with the Forms Auth cookie ".DOTNETNUKE" being persisted across browser sessions.  I'm running dnn 07.02.02 (303).  I have unchecked the checkbox "Enable Remember me on login controls?" as suggested in the article here http://www.dnnsoftware.com/wiki/page/...

I'm not using the DNN login form but instead using a custom HttpModule that calls the DotNetNuke.Entities.User.UserController.UserLogin method with the last parameter "createPersistentCookie" set to false.

The user is successfully authenticated, logged in and the forms auth cookie ".DOTNETNUKE" is created but instead of the cookie indicating that it's expiration is "end of session" it has a date/time equal to the timeout set in the timeout attribute of the <authentication><forms> element in the web.config.

Am I missing something or is there a problem in dnn with disabling persistent cookies?

 

The definition for the method I'm calling on the dnn api:

 

DotNetNuke.Entities.User.UserController

//
// Summary:
// Validates a User's credentials against the Data Store, and sets the Forms
// Authentication Ticket
//
// Parameters:
// portalId:
// The Id of the Portal the user belongs to
//
// username:
// The user name of the User attempting to log in
//
// password:
// The password of the User attempting to log in
//
// verificationCode:
// The verification code of the User attempting to log in
//
// portalName:
// The name of the Portal
//
// ip:
// The IP Address of the user attempting to log in
//
// loginStatus:
// A UserLoginStatus enumeration that indicates the status of the Login attempt.
// This value is returned by reference.
//
// createPersistentCookie:
// A flag that indicates whether the login credentials should be persisted.
//
// Returns:
// The UserInfo object representing a successful login
public static UserInfo UserLogin(int portalId, string username, string password, string verificationCode, string portalName, string ip, ref UserLoginStatus loginStatus, bool createPersistentCookie);

 
 
New Post
9/13/2014 10:48 AM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
it appears to still be working on my machine (quick test with the remember me checkbox) - it's odd as UserController.UserLogin calls PortalSecurity.Signin where the creation is handled - note: forms auth cookies are special in that they contain a (encrypted) encryption timeout value so a cookie may say it will last for 1 year but if the forms auth cookie says 30 minutes, when asp.net checks it will automatically delete the cookie - I suspect this is what you're seeing
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationForms authentication non-persistent cookiesForms authentication non-persistent cookies


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out