Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Remember loginRemember login
Previous
 
Next
New Post
7/10/2007 5:54 PM
 
John Mitchell


www.snapsis.com
Joined: 4/18/2003
Posts: 3987

Correct.  If you specifically logout then it will delete your auth cookie, not waiting for it to expire normally.  Yes, this is by design. 

The timeout is a sliding expiration, so if your users normally come back every day then you don't need it to be set for a week.

The drawback to setting it longer is that if the auth cookie is captured by a hacker then they will be able to wait longer before they have to use it.  Setting it to a shorter time makes it harder for a hacker to make it their own, but they always have to find a way to capture it first. 

In the 1.1 version of the .Net framework the timeout when using remember me was set to 50 years, so setting it for a week is a big improvement. 

 

DotNetNuke Modules from Snapsis.com
 
New Post
7/10/2007 6:42 PM
 
brian

Joined: 1/22/2004
Posts: 793

remember me for an hour is useless ..   annoying ..   and frustrating..    whats the point?   even after so many comments..  dotnetnuke.com still has the same value..  

how it should work is for a few days..  if you are online in that time period, it gets extended..    that is REMEMBER LOGIN...   or a year.   It says 'remember', not short term memory issues.

Sorry..  it is just frustrating to say Remember Login ..  for it to do nothing.
 
New Post
7/10/2007 6:45 PM
 
Stephen Nill


Joined: 7/10/2005
Posts: 297

John, this is very helpful. A DNN mystery is solved!

I wonder if others, like me, have been careful to click the "log out" link before exiting, not realizing that they were destroying the cookie and hence the ability to have the portal remember them?

Steve
 
New Post
7/10/2007 6:58 PM
 
Stephen Nill


Joined: 7/10/2005
Posts: 297

Brian, I agree with you. Fortunately, it's an easily configured value. Unfortunately, it's one of those things where you have to expend time and effort, and lean on the expertise of our generous colleagues here who know so much more about the inner workings of DNN, to find the "fix." (It's not really a fix, but a tweak, to be fair.)

Borrowing from what John just said, though, I do suppose that the short-duration, out-of-the-box 60-minute value might be so short because it's more secure to have a cookie duration of one hour as opposed to something lengthier. If so, I must have missed that memo. <g>

Anyway, I'm just happy to know about the tweak.

Steve
 
New Post
7/10/2007 7:24 PM
 
brian

Joined: 1/22/2004
Posts: 793

I'd like to tweak dotnetnuke.com  ;)   Never ever ever clicked log-out ...  but an hour later I will be  :)
 
 Page 3 of 4
Previous1234Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Remember loginRemember login


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out