OK - I need to get LOGIN "NO Timeout" fixed for Membership provider

Discussion of open issues, suggestions and bugs regarding ADO.NET provider for MySQL
Post Reply
Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

OK - I need to get LOGIN "NO Timeout" fixed for Membership provider

Post by Cody21 » Wed 28 Nov 2007 20:58

Long time customer - since 3.55 ... I *still* am unable to get a NO TIMEOUT to work on my site using MySqlDirect.net and really need some ideas on how to resolve this. My members are more than upset and have asked me to get this fixed.

So here's the deal -- I referred to your SAMPLEs for Web and Webservices. Your WEB.CONFIG samples are very very simple as fas as the AUTHENTICATION section. Mine was tailored after your sample. Please see my cut & paste below.

What is happening is after I - or any of my members - LOGIN, exit my site or close the Browser, and return to my site after around 30 mins, they are Timed Out and being forced to Login again. The option is set to "Remember Me" - and we do in fact check that box. I have also bumped up the TIMEOUT value - and it has no effect. My ISP is *not* causing this timeout. I confirmed this with them. As an example the way it NEEDS to work : When I go here to YOUR site, I Never get prompted to re-logon. My user name ALWAYS shows up in the upper right corner. This is precisely how MY site needs to work.

Can someone (Alexey?) PLEASE help me resolve this? Thank you again.

If you need to see this first hand, I can provide (via email) you my web site with a userid & pw .. Just ask.

my web.config section for Authentication:

[snip]




[snip]

Serious

Post by Serious » Thu 29 Nov 2007 08:29

Can you provide an example to reproduce the problem? Use e-mail address which can be found in Support.html file.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Thu 29 Nov 2007 16:35

Thank you .... email sent to you.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Fri 30 Nov 2007 17:04

hey guys -- did you get my email to you?

Thanks

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Mon 03 Dec 2007 16:18

Hey guys - did you receive the email? Waiting on anything else from me?

Serious

Post by Serious » Mon 03 Dec 2007 18:09

I've answered you by email. Please check this out.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Mon 03 Dec 2007 23:57

Well, this just doesn't work. I've change the settings to the TIMEOUT="60" for both sections of my web.config file - like your example; sorry, still doesn't work.

Again, what happens is we login, look at some stuff/pages on the site, come back 45 mins later and are prompted to re-login. Did you see this first hand with the userid/pw I emailed you? I don't see that you attempted it.

PS - when I change the cookieless="true", I can't even login ... So I have it set to "false" ...

Thanks for your help. I sent you an email with the web.config file attached.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Wed 05 Dec 2007 18:39

Anyone looking at this for me?

Serious

Post by Serious » Thu 06 Dec 2007 11:01

We performed some intensive testing (it took some time) and didn't find any new issues in this question. We used IIS and VS2005 local web server both with default preferences, Firefox, IE, Opera browsers. We used WebProviders demo project shipped with MyDirect .NET, and the only thing that was changed is the timeout value in the authentication section, which is not related to our provider:

Code: Select all

...
		
			
			
		
...
After login a cookie was added to the client computer, and I was able to automatically login according to the cookie expiring time.

Moreover, after successful login (cookie was created) I've closed browser and commented out all code that is related to the MyDirect .NET (code in .cs files, settings in web.config file), rebuilt the demo and tried to re-open site in the browser. I was automatically logged in. With our internal logging tools I've checked that there was no roundtrip to MySQL Server. All this means that our ASP.NET providers do not participate in automatic login process.

PS. ASP.NET is not my primary skill, so there may be things that I didn't take in account, therefore I used our simple demo. If you can provide me another small example that locates the problem, I'll be glad to test it. Please do not propose me to test web hosted site, I am waiting for zipped source.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Thu 06 Dec 2007 16:00

OK, and thanks for the effort ... This is sooo bazaaar ...

I will continue my effort to troubleshoot this and try to zip together a small project to reproduce it...

update: You say in that code snippet above that :

" "

I have several web.config files - the main one on the root of my project that contains your provider stuff and everything else for my site. Then a "security" web.confg in each sub-folder that only authorizes who may access that specific folder. I am not clear what you mean by that statement above. When I attempt to add the code to my sub-folder web.config files, I get an application error when I attempt to access the page associated with the security web.config (e.g., DENY=, ALLOW=, etc.). So do you REALLY mean that for every web.config file in my site (in the system.web section) , I am supposed to have that code ?????????

Serious

Post by Serious » Fri 07 Dec 2007 08:47

This is from Forms Authentication Across Applications MSDN article.

Cody21
Posts: 112
Joined: Thu 01 Mar 2007 00:58

Post by Cody21 » Sun 09 Dec 2007 16:09

Thanks for that link. After reading thru the MS documentation (again!), I added a "machine key" section to the end of my web.config file. That seems to have been the issue. I honestly don't understand WHY it's needed; but it DID fix this issue.

I have been able to up my TIMEOUT value in both the Session State and FORMS section to 6000 - I am no longer getting prompted to re-login when I come back to my site.

Thanks for your assistance.

Serious

Post by Serious » Mon 10 Dec 2007 11:20

Glad to hear that the problem is solved. I didn't went deep in this, but machineKey section exists in our demo, and it works.

Please feel free to contact us in the future.

Post Reply