locked
Auto logout & disable login RRS feed

  • Question

  • User-822810358 posted

    Hello,

    I am trying to preform two differenet operations . So , I log into systems with : FormsAuthentication.RedirectFromLoginPage () & Log out using FormsAuthentication.RedirectToLoginPage () .

    What I want to preform is auto logout if nothing was pressed after specif time ( let's say 5 minutes ) and the second thing I want to do is to check if user tried to log in multiple time let's say 4 and if they failed to lock entrance for specif amount of time ( let's say another 15 minutes ).

    Any ideas ?

    Thanks for all that try to help .

    Wednesday, June 18, 2008 9:23 AM

Answers

  • User-111066148 posted

    What I want to preform is auto logout if nothing was pressed after specif time ( let's say 5 minutes )

    You can configure this on your web.config file. 

    <forms name="..aspxauth" loginUrl="login.aspx" protection="All" timeout="5" path="/"
    requireSSL="false" slidingExpiration="true">

    Hope the above helps.

    and if they failed to lock entrance for specif amount of time

    Can you explain what do you mean by lock entrance?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 9:53 AM
  • User-111066148 posted

    Yes as the page is refreshing, it never get into idle state. Will you be able to  increase the automatic post back time to 5 minutes?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 11:25 AM
  • User1137074964 posted

    Hello,

    I am trying to preform two differenet operations . So , I log into systems with : FormsAuthentication.RedirectFromLoginPage () & Log out using FormsAuthentication.RedirectToLoginPage () .

    What I want to preform is auto logout if nothing was pressed after specif time ( let's say 5 minutes ) and the second thing I want to do is to check if user tried to log in multiple time let's say 4 and if they failed to lock entrance for specif amount of time ( let's say another 15 minutes ).

    Any ideas ?

    Thanks for all that try to help .

    Second thing is not a easy task. Of cause you can implement it but you will consume a lot of time to verify the count of unsuccessful logins.

    http://www.californiadreamhomesandland.com

    Alexei Cioina.

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 2:07 PM

All replies

  • User-111066148 posted

    What I want to preform is auto logout if nothing was pressed after specif time ( let's say 5 minutes )

    You can configure this on your web.config file. 

    <forms name="..aspxauth" loginUrl="login.aspx" protection="All" timeout="5" path="/"
    requireSSL="false" slidingExpiration="true">

    Hope the above helps.

    and if they failed to lock entrance for specif amount of time

    Can you explain what do you mean by lock entrance?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 9:53 AM
  • User-822810358 posted

    First of all , thanks for your help already .

    Now , I need a bit more explanation about your solution to the first question .

    What do I write in the "forms name="?"" . The page at which I want this to work on ? And if so what if I have more then one page after entrance .

    Secondly , will it only logout if nothing is done at screen ? At the computer ? Mouse not moved ? What is the exact conditions ?

     

    My second question . What I meant is to disable login for 15 minutes , in what way , I am open to advices .

    Again , thanks !

    Wednesday, June 18, 2008 10:01 AM
  • User-822810358 posted

    Okay , got it to work , great , first problem solved [:D]

    Wednesday, June 18, 2008 10:12 AM
  • User-1363023537 posted

    Hi,
     you can set timeout=15 and sliding expiration = true
    so if user becomes inactive he will be redirected to login page. because authentication cookie  expires  in 15 min. as timeout set to 15

    Satalaj

    Wednesday, June 18, 2008 10:19 AM
  • User-822810358 posted

    Hmm ... Trying to understand what problem does it solve . What I want is a way to count if user tried to login several times and failed and if so , then I want to lock him outside for 15 mins ... Like display a message saying you cannot log in for the next 15 minutes due to multiple tries or something of that sort , maybe diabling login button for 15 mins .

    Wednesday, June 18, 2008 10:22 AM
  • User-111066148 posted

    What do I write in the "forms name="?"" .
     

     

    Sorry, I missed out the loginUrl and that is the tag where you specify your login page. With name you can configure the name of the cookie to use and if no cookie name is specified, the default is .ASPXAUTH.

    <system.web>

    <authentication mode=”Forms”>     <forms name=”ASPXAUTH”  loginUrl=”login.aspx”  timeout=”5” />

    </system.web>

    Secondly , will it only logout if nothing is done at screen ? At the computer ? Mouse not moved ? What is the exact conditions ?

    Logout is usually done with a  logout button_click event on the pages. You can also timeout the users like you said setting timeout for 5 minutes or 10 min.

     

    Wednesday, June 18, 2008 10:25 AM
  • User-822810358 posted

     Checked it somemore now ... Okay , so it works when I move clock forward for let's say 5 minutes BUT when I just wait it out , it doesn't . What's the problem ? Can it be because every 4 seconds my page post backs to server ( I do it because I need to refresh data on the page ).

    Wednesday, June 18, 2008 10:35 AM
  • User-111066148 posted

    Yes as the page is refreshing, it never get into idle state. Will you be able to  increase the automatic post back time to 5 minutes?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 11:25 AM
  • User1137074964 posted

    Hello,

    I am trying to preform two differenet operations . So , I log into systems with : FormsAuthentication.RedirectFromLoginPage () & Log out using FormsAuthentication.RedirectToLoginPage () .

    What I want to preform is auto logout if nothing was pressed after specif time ( let's say 5 minutes ) and the second thing I want to do is to check if user tried to log in multiple time let's say 4 and if they failed to lock entrance for specif amount of time ( let's say another 15 minutes ).

    Any ideas ?

    Thanks for all that try to help .

    Second thing is not a easy task. Of cause you can implement it but you will consume a lot of time to verify the count of unsuccessful logins.

    http://www.californiadreamhomesandland.com

    Alexei Cioina.

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, June 18, 2008 2:07 PM
  • User-1547683353 posted

    Does any one have idea how to implement user lockout after 3 unsuccessful login attempts ?

    Thursday, August 20, 2009 10:17 AM
  • User-1363023537 posted

    Add this attribute maxInvalidPasswordAttempts="5" In to MembershipProvider web.config section.
    This will lockout user after 5 invalid password attempt.

    -Satalaj

    Thursday, August 20, 2009 11:46 AM