Clear .ASPXFormsAuth when browser is closed down

Ger Vang asked on October 7, 2014 19:47

Kentico version 6

How do you clear ".ASPXFormsAuth" cookie when you close down the browser? I'm using a session timer to expire after 20 minutes using this code: CMSContext.ViewMode = CMS.PortalEngine.ViewModeEnum.LiveSite CookieHelper.EnsureResponseCookie(FormsAuthentication.FormsCookieName) CookieHelper.ChangeCookieExpiration(FormsAuthentication.FormsCookieName, DateTime.Now.AddMinutes(Session.Timeout), False)

I noticed that when I remove the code "CookieHelper.ChangeCookieExpiration(FormsAuthentication.FormsCookieName, DateTime.Now.AddMinutes(Session.Timeout), False)", the cookie clears when you close down the browser. Is it possible to clear the session when you close the browser if you are setting cookie expiration?
This is tested on the following browsers(all up-to-date): Chrome, Firefox, Opera and Safari. IE 11 is not behaving this way. When you sign in and close your browser, the session gets deleted and you'll have to sign in again. This is the behavior I want for the other browsers.

Is this a normal behavior when you use "ChangeCookieExpiration" so your browser doesn't delete ".ASPXFormsAuth"?

Recent Answers

Martin Danko answered on October 13, 2014 16:54

Hello Ger,

So the explanation of this functionality could be found directly on the website of Microsoft:

... and this is a default behavior of Microsoft. The session cookie will expire 30 minutes after the user is logged-out.

The ultimate solution if you want to avoid this is to configure your website for SSL.

Best regards, Martin

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.