6

I am looking for a solution where we can make a FormsAuthenticationTicket (and corresponding cookie) with a very long expiration period. This is possible by setting a high value or using a sliding expiration, but when the application pool of the website is recycled, the FormsAuthenticationTicket disappears (I think), the cookie gets invalid and the user is asked to login again.

Is there any way around this?

Gerrie Schenck
  • 22,148
  • 20
  • 68
  • 95

1 Answers1

7

Set static machineKeys instead of the auto generated. This way the FormsAuthenticationTicket will survive app pool recycling.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928
  • Is there any other way? I have an app which works without static keys on one server (IIS 7.5), and tickets are invalidated if app is hosted on another server (IIS 7). If you know what could be the reason for such behaviour, please answer my question: http://stackoverflow.com/questions/11518692/persistent-auto-generated-asp-net-machinekeys – Marko Jul 18 '12 at 06:28