locked
Forms Authentication cookie is expired too soon RRS feed

  • Question

  • User1760643511 posted

    We are setting auth cookie as follows:

    var authTicket = new FormsAuthenticationTicket
                (
                    1, principal.Email, DateTime.Now, DateTime.Now.AddMinutes(1200),
                    falseJsonConvert.SerializeObject(principal), FormsAuthentication.FormsCookiePath
                );
                var enTicket = FormsAuthentication.Encrypt(authTicket);
                var cookies = new HttpCookie(FormsAuthentication.FormsCookieName, enTicket)
                {
                    Expires = DateTime.Now.AddMinutes(1200)
                };
                response.Cookies.Add(cookies);

    This cookie expires in 10 mins. Windows log viewer says:
    Event code: 4005
    Event message: Forms authentication failed for the request. Reason: The ticket supplied was invalid.

    Any ideas what can happen and how to fix that?
    Tuesday, June 18, 2019 6:37 PM

All replies

  • User475983607 posted

    Any ideas what can happen and how to fix that?

    It could be the application is restarting after 10 minutes and the machine key is configured to auto-generate which invalidates the token.  Try setting a specific machine key in the web.config. 

    Do a Google search and you'll find plenty machine key examples.

    Tuesday, June 18, 2019 6:48 PM
  • User-1038772411 posted

    Hello, elena@plateauinc.com

    Please change the Session timeout to 30 minutes or more  and see if the changes in your forms authentication cookie behavior. u can solve your problem

    Please Refer Below Link :

    https://forums.asp.net/t/1576310.aspx?Authentication+cookie+expires+too+early

    Wednesday, June 19, 2019 6:57 AM