ASP.NET MVC 2.0, here’s my auth code:
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Login(string username, string password, string returnUrl) {
if (ModelState.IsValid) {
// Attempt to login
var loginSuccessful = provider.ValidateUser(username, password);
if (loginSuccessful) {
FormsAuthentication.SetAuthCookie(username, true);
if (!String.IsNullOrEmpty(returnUrl))
return Redirect(returnUrl);
return RedirectToAction("Index", "Home");
}
}
return View(Language + "/Login", Vd);
}
Pretty much straight default authentication. Works fine for logging in. However, IE users get auto logged off randomly, even while they’re active on the site. Other browsers work fine. Here’s the forms auth from web.config:
<authentication mode="Forms">
<forms loginUrl="~/en/Account/Login" timeout="2880"/>
</authentication>
Where do I begin to look in this case? Have I found a bug?
As far as I can see everything seems fine, however, could your issue be something to do with your use of a persistent cookie? I think persistent cookies are not meant to timeout, which is why you might be using them.
Try using a non-persistent one instead, and see if that works:
Also, a few others notes of interest:
slidingExpiration="true"entry onto your<forms/>element in the web.config.