Home/ Questions/Q 9205467
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T23:57:24+00:00

I use Form Based Authentication in my site In my login page I have:

  • 0

I use Form Based Authentication in my site
In my login page I have:

FormsAuthentication.SetAuthCookie(user.userName, true)

When I want to check if the user is authenticated I do:

HttpContext.Current.User.Identity.IsAuthenticated

I’m not using Asp.net Membership, instead i use my on SQL-DB verification
do i have to use Asp.net Membership ?

This is working for me most of the times
The problem is that sometimes after 5 hours or something after 30 hours
The Application pool gets restarted for some reason (I’m on a shared server)
And after that the “User.Identity.IsAuthenticated” returns with false, every time until the user logs in again.

This is strange to me because I can see that the client still have the persistent authCookie so why the user is not authenticated ?

My Web.Config reference:

<authentication mode="Forms">
<forms
name="AuthCookie"
loginUrl="~/mySite/ManageLogin.aspx"
timeout="5256000"/>
</authentication>

Any help will be appreciated.

My site http://www.mentallica.co.il

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This may be due to the automatic generation of the machinekey at the application start. You can prevent that by specifying a machinekey for your app in your web.config:

    <machineKey
    validationKey="410E4E2B06BE457709F2D8C72BB02957A3B4E8BA327F3A6103696857AD3A88598D454489B9D4CAAFC2D5E35E8795B311EE2E94DAA485FD64D7184272A4AE4D8B"
    decryptionKey="EFAFA0917D0D8F137F05B26AE053397C48D34DE688E73483D15C8EDAF0D6FD4F"
    validation="SHA1"
    decryption="AES" />

    You shouldn’t use this one – you may create your own easily at http://aspnetresources.com/tools/machineKey .

    More information about machinekeys: http://msdn.microsoft.com/en-us/library/ff649308.aspx

    • 0