Authentication Cookie Persistance

Brian Mundell asked on September 28, 2017 20:09

I am using a third party login, matching a value from that API to the userid in Kentico and setting the Authorization value to Y. This is working properly, the problem is the user is not logged out when the browser is closed. In fact I have come back overnight, rebooted my pc, and it maintained my login information and did not challenge me. Any thoughts on how to force a logout on browser close or login on browser open?

Thanks, Brian US Army, Ft. Leavenworth, KS

Recent Answers

Peter Mogilnitski answered on September 28, 2017 21:32 (last edited on September 28, 2017 21:34)

Take a look at your Kenitco web.config, specifically at your authentication section. Here is some documentation. Check 2 attributes: timeout and slidingExpiration.

1 votesVote for this answer Mark as a Correct answer

Brian Mundell answered on September 28, 2017 22:45

Yes, the web config was the first thing I checked the entry you referenced is below. But, that is not the real issue, the issue is that the closing of the browser does not force a new login on the next time it is opened unless it is beyond the session limit. Any ideas on that situation?

BTW, thanks for your response.

0 votesVote for this answer Mark as a Correct answer

David te Kloese answered on October 2, 2017 14:52

I think you're taking the authenticating to much in you're own hands. Let Kentico handle the main logic around Authentication and just write your custom provider to handle the specific events.

Have you looked into the Kentico documentation? There is a page for "Configuring custom external authentication":

https://docs.kentico.com/k10/managing-users/user-registration-and-authentication#Userregistrationandauthentication-Configuringcustomexternalauthentication

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.