Friday, January 30, 2009

Remember Me not working for Login in DotNetNuke based website

The "Remember Me" feature of the DotNetNuke Login is implemented by placing an encrypted authentication cookie on the user's machine.

The expiration of this cookie is controlled through the timeout value in the Forms Autentication node the web.config.

< forms name=".DOTNETNUKE" protection="All" timeout="60" cookieless="UseCookies" />

The default setting is 60 minutes, so it can't remember anyone for very long (I call it goldfish mode).

To extend the time your users are remembered make the timeout value larger.

< forms name=".DOTNETNUKE" protection="All" timeout="20160" cookieless="UseCookies" />

You can also make it a sliding expiration which means that every time someone visits with an auth cookie thier time will be reset to the value in the timeout. That way you can keep the timeout shorter, but still convienient for your visitors that make it back to your site before it expires.

< forms name=".DOTNETNUKE" protection="All" timeout="10080" slidingExpiration="true"
cookieless="UseCookies" />

You can see here how it works.

No comments: