Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

AppTheory specializes in solutions based on the DotNetNuke platform and has 2 employees on the DotNetNuke Core Team.
  Need Help?  
Professional technical support for DotNetNuke is available from DotNetNuke Corporation.
 


  Ads  
OnyakTech
 


  Sponsors  

Meet Our Sponsors

DataSprings - Great Ideas. Always Flowing.
R2integrated - formerly bi4ce
Jango Studios - Skins, Modules and Hosting for DotNetNuke
eUKhost.com is commited to offer exceptional UK Windows Web Hosting solutions with quality 24x7 technical support.Our plans support ASP.Net, ASP, ASP.NET Ajax extensions, XML, MSSQL, MySQL, PHP,DNN, multiple domains and Shared SSL as standard.
SmarterTools
The Official Microsoft ASP.NET Website
 


DotNetNuke Forums
 
  Forum  General DotNetN...  Chat About It!  Remember login
Previous Previous
 
Next Next
New Post 7/10/2007 2:54 PM
User is offline John Mitchell
3854 posts
www.snapsis.com
4th Ranked




Re: Remember login 

Correct.  If you specifically logout then it will delete your auth cookie, not waiting for it to expire normally.  Yes, this is by design. 

The timeout is a sliding expiration, so if your users normally come back every day then you don't need it to be set for a week.

The drawback to setting it longer is that if the auth cookie is captured by a hacker then they will be able to wait longer before they have to use it.  Setting it to a shorter time makes it harder for a hacker to make it their own, but they always have to find a way to capture it first. 

In the 1.1 version of the .Net framework the timeout when using remember me was set to 50 years, so setting it for a week is a big improvement. 

 
 
New Post 7/10/2007 3:42 PM
User is offline brian
530 posts
8th Ranked


Re: Remember login 

remember me for an hour is useless ..   annoying ..   and frustrating..    whats the point?   even after so many comments..  dotnetnuke.com still has the same value..  

how it should work is for a few days..  if you are online in that time period, it gets extended..    that is REMEMBER LOGIN...   or a year.   It says 'remember', not short term memory issues.

Sorry..  it is just frustrating to say Remember Login ..  for it to do nothing.
 
New Post 7/10/2007 3:45 PM
User is offline Stephen Nill
219 posts
9th Ranked


Re: Remember login 

John, this is very helpful. A DNN mystery is solved!

I wonder if others, like me, have been careful to click the "log out" link before exiting, not realizing that they were destroying the cookie and hence the ability to have the portal remember them?

Steve
 
New Post 7/10/2007 3:58 PM
User is offline Stephen Nill
219 posts
9th Ranked


Re: Remember login 
Modified By Stephen Nill on 7/10/2007 7:00:10 PM)

Brian, I agree with you. Fortunately, it's an easily configured value. Unfortunately, it's one of those things where you have to expend time and effort, and lean on the expertise of our generous colleagues here who know so much more about the inner workings of DNN, to find the "fix." (It's not really a fix, but a tweak, to be fair.)

Borrowing from what John just said, though, I do suppose that the short-duration, out-of-the-box 60-minute value might be so short because it's more secure to have a cookie duration of one hour as opposed to something lengthier. If so, I must have missed that memo. <g>

Anyway, I'm just happy to know about the tweak.

Steve
 
New Post 7/10/2007 4:24 PM
User is offline brian
530 posts
8th Ranked


Re: Remember login 

I'd like to tweak dotnetnuke.com  ;)   Never ever ever clicked log-out ...  but an hour later I will be  :)
 
 Page 3 of 4Previous1234Next 
Previous Previous
 
Next Next
  Forum  General DotNetN...  Chat About It!  Remember login
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


TronixSoft
Hosting for local businesses that want more from their websites.
www.TronixSoft.com 		The Forerunner Network
The Forerunner Network consists of a group of Dynamic Website & Interactive Membership Portal hosting services that are managed by Forerunner Communications. Our services span a wide range of markets and enable individuals, organizations and businesses to build and manage dynamic, interactive portals and websites.
The Forerunner Network 		ZLDNN.COM
We provide commercial DotNetNuke modules.
www.zldnn.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP