5

I am using the built-in Identity framework offered by the MVC template in VS2013 .NET Framework 4.5.1.

I am using the feature more or less out of the box. It has been working fine. Compared to other posts I have read, my web.config has:

<authentication mode="None" />

How do I set a time out period for authenticated sessions, that is, after the user has logged in?

Improve this question
2
  • This will help you: asp.net/mvc/overview/security/… Commented Apr 8, 2015 at 3:34
  • 1
    Yes, I had followed the steps in this article and it worked successfully for me. I just cannot figure out how to set a time out. Right now, the logged in session is valid forever. Commented Apr 8, 2015 at 3:39

1 Answer 1

Reset to default
9

If you are using Owin authentication, you should have something like this on your StartUp.cs file within the App_Start folder:

public void ConfigureAuth(IAppBuilder app)
{
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        // here you go
        ExpireTimeSpan = new TimeSpan(60000000000)
    });
    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.