Click here to Skip to main content
13,144,265 members (31,769 online)
Click here to Skip to main content
Add your own
alternative version


28 bookmarked
Posted 20 Apr 2004

Form Authentication Tickets

, 5 Dec 2005
Rate this:
Please Sign up or sign in to vote.
How to manage different session time out for different users

Sample Image - Forms_Authentication.jpg


Some times we require that there should be different time outs for each user. In case when you give choice to user of your web that he can define his time out himself. In this case each user will set his own time and you have to make your web site of such type that it will maintain session for each user according to time he specifed.

What will we do:

Here I will explain you how to achieve this goal using ASP.Net's form authentication.


Some user has problem that when they use authentication tickets, session time out shows inconsistent attitude. Here I will explain how to maintian different time out for different users.

What is form authentication?

In ASP there was no mechanisam for logging user, you just have to put some values in session

that could be user id, and then check this value on each page user is trying to access.
But in .net form authentication provide to a mechanism for logging user.
When to login you set cookie that is encrypted you need to put user id in that cookie, that

is very easy, and after that will do all the task for you need not to check for

authentication each page.
What you have to do is specify a login page in web.config, there are few other settings also

i will tell you in detail. dont worry abou that that are very easy and can be done in few


Lets Start Work:

Create 3 page
1. Create project (example contains C# code)

2. Creat login page, login.aspx. (form authentication automatically redirect to this page if request is unautorized)

3. Create default page, default.aspx (every site has a defaul page, form autentication automatically redirect to this page after successful login).

4.create details page, details.aspx (optional page, that shows your product etc)

some page will be created automatically for example

You have completed all the structure of your website well done!!! lets start conding now!

Starting Coding:


First of all do some change in web.config file...
Go to the section authentication of web.config
i. set authentication code to forms

ii. provide login url, that is your login page where user will be redirected in case he is not loged on and trying to access some page.

iii.provide passwordformat for now just put it clear dont confused here this is just to set

your password will be clear format or encrypted that is an other topic.
iv. provide user names if you have some static users, you can also load list form database

will tell you letter how to do that.

 <authentication mode="Forms" > 
        <forms  name=".ASPXSessionDemoTest" loginUrl="login.aspx" protection="All"  >
            <credentials passwordFormat = "Clear"> 
                <user name="admin" password="admin"/>               
        </authentication>Go to the section autorization of the web config.
i.deny user set ? mark.
so that it ask for password to each user.
        <deny users="?" /> <!-- Allow all users -->
            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
We have alomost done with web.config file.


when user enter user name
and password and click login button write following code (find form source)

   // Create a custom FormsAuthenticationTicket containing
   // application specific data for the user. 
   // user email address
   string email        = this.TextBox1.Text ; 
   //user password
   string password     = this.TextBox2.Text ; 
   bool   isPersistent = false; //Persist.Checked; 
   //write down u r own methods for authentication
   //either from database or file
   if (Authenticat(email)) 
    //if user is authunticated then
    //get the user time from databse or file where user have 
metiontioed it. this will return an intger value, for example 30, 60 this is time out in 
    int timeout=settimeout();
    //this variable will be accessible automatically
    //on each form...
    //so if you have some role base system
    //or you want to assign some data to this user
    //then put this along with this ticket
    //as done here 
    //supose mubi is admin and i want store this info in ticket
    //so that i can get it on each page
    //you will get this information from database that what is 
his roles. i am hard coding here.
    string username="mubi"; 
    string userData = setrole(username); 
    FormsAuthenticationTicket ticket = new 
    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(ticket); 
    // Create the cookie.
HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); 
    // Redirect back to original URL.

Logout Button:

on logout button press write following code

//sign out from form authentication


//abandon session




This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Mubi |
Business Analyst Valentia Technologies
Ireland Ireland

You may also be interested in...

Comments and Discussions

GeneralMy vote of 2 Pin
Harishankar Maurya14-Jan-15 18:00
memberHarishankar Maurya14-Jan-15 18:00 
GeneralForms Authentication SignOut Pin
umaramiya18-Apr-07 23:47
memberumaramiya18-Apr-07 23:47 
GeneralRe: Forms Authentication SignOut Pin
Mubshir Raza Ali19-Apr-07 0:00
memberMubshir Raza Ali19-Apr-07 0:00 
QuestionAuthenticat? Pin
mrkenn777122-Jun-05 10:42
membermrkenn777122-Jun-05 10:42 
Generalstore Logout datetime Pin
Q_Quek31-Mar-05 14:47
memberQ_Quek31-Mar-05 14:47 
GeneralRe: store Logout datetime Pin
Mubshir Raza Ali19-Apr-07 0:04
memberMubshir Raza Ali19-Apr-07 0:04 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.170915.1 | Last Updated 5 Dec 2005
Article Copyright 2004 by Mubi |
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid