Recently my web site was moved to IIS 6.0. I like it, it's fast and works well. But one problem has come up with forms authentication. I have a "Remember Me" check box. When that is checked off, it sets a persistent cookie and the user doesn't have to log back in again.

But with IIs 6.0, it's as if the persistent cookie isn't even there -- the user gts logged out after 20 minutes and when he/she visits the site again, he/she has to log in again. Has anybody else experienced this? Any idea how to fix it?

It might have something to do with your settings in your web.config file. I had the same problem here.
[quote]
<authenticationmode="Forms">
<formsloginUrl="Connect.aspx"name="FORMSAUTHCOOKIE"path="/"protection="None"</fontid="red">timeout="525600"slidingExpiration="true"/>
</authentication>
</CODE>

I had to set the protection to None to get it to work ... you might want to try this out.


--
Steurm
www.steurm.net/steurm

quote:Originally posted by steurm

It might have something to do with your settings in your web.config file. I had the same problem here.
[quote]
<authenticationmode="Forms">
<formsloginUrl="Connect.aspx"name="FORMSAUTHCOOKIE"path="/"[b]protection="None"</fontid="red">timeout="525600"slidingExpiration="true"/>
</authentication>
</CODE>

I had to set the protection to None to get it to work ... you might want to try this out.
</blockquote id="quote"></font id="quote">

That did it, thank you!

Just be carefull setting protection=none. Your cookies will not be encrypted and sensitive information (e.g. passwords) can be seen.

Thanks from me as well. Looking at this problem for a while.


Also when I look at the cookie in notepad it does seem encrypted to some degree.