OwinContext.Authentication.SignIn method behave differently on same input
Can someone explain this?
I am using Owin Cookie Authentication and in my method I have the following code:
e.OwinContext.Authentication.SignIn(/* AuthenticationProperties, ClaimsIdentity */);
e is CookieValidateIdentityContext
When I have this method in my code, site asks for my credentials if I haven't sent a request for 30 minutes, but if I sent request (for example) every 20 minutes, then I am not asked to enter credentials.
When I don't have this method then I am not asked for credentials for 1 day because ExpireTimeSpan is set to 1440 minutes.
So my question is: What is happening inside the code above, and how I can prevent to log in again if I don't send a request for 30 minutes.
I'm using Microsoft.Owin.Sequrity 3.0
link to Owin method: public void SignIn row:203
c# security cookies token owin
asked Nov 21 '18 at 14:09
SasoSaso
989
add a comment |
Can someone explain this?
I am using Owin Cookie Authentication and in my method I have the following code:
e.OwinContext.Authentication.SignIn(/* AuthenticationProperties, ClaimsIdentity */);
e is CookieValidateIdentityContext
When I have this method in my code, site asks for my credentials if I haven't sent a request for 30 minutes, but if I sent request (for example) every 20 minutes, then I am not asked to enter credentials.
When I don't have this method then I am not asked for credentials for 1 day because ExpireTimeSpan is set to 1440 minutes.
So my question is: What is happening inside the code above, and how I can prevent to log in again if I don't send a request for 30 minutes.
I'm using Microsoft.Owin.Sequrity 3.0
link to Owin method: public void SignIn row:203
c# security cookies token owin
asked Nov 21 '18 at 14:09
SasoSaso
989
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12
add a comment |
Can someone explain this?
I am using Owin Cookie Authentication and in my method I have the following code:
e.OwinContext.Authentication.SignIn(/* AuthenticationProperties, ClaimsIdentity */);
e is CookieValidateIdentityContext
When I have this method in my code, site asks for my credentials if I haven't sent a request for 30 minutes, but if I sent request (for example) every 20 minutes, then I am not asked to enter credentials.
When I don't have this method then I am not asked for credentials for 1 day because ExpireTimeSpan is set to 1440 minutes.
So my question is: What is happening inside the code above, and how I can prevent to log in again if I don't send a request for 30 minutes.
I'm using Microsoft.Owin.Sequrity 3.0
link to Owin method: public void SignIn row:203
c# security cookies token owin
asked Nov 21 '18 at 14:09
SasoSaso
989
Can someone explain this?
I am using Owin Cookie Authentication and in my method I have the following code:
e.OwinContext.Authentication.SignIn(/* AuthenticationProperties, ClaimsIdentity */);
e is CookieValidateIdentityContext
When I have this method in my code, site asks for my credentials if I haven't sent a request for 30 minutes, but if I sent request (for example) every 20 minutes, then I am not asked to enter credentials.
When I don't have this method then I am not asked for credentials for 1 day because ExpireTimeSpan is set to 1440 minutes.
So my question is: What is happening inside the code above, and how I can prevent to log in again if I don't send a request for 30 minutes.
I'm using Microsoft.Owin.Sequrity 3.0
link to Owin method: public void SignIn row:203
c# security cookies token owin
c# security cookies token owin
asked Nov 21 '18 at 14:09
SasoSaso
989
asked Nov 21 '18 at 14:09
SasoSaso
989
asked Nov 21 '18 at 14:09
SasoSaso
989
asked Nov 21 '18 at 14:09
SasoSaso
989
asked Nov 21 '18 at 14:09
SasoSaso
989
989
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12
add a comment |
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12
add a comment |
1 Answer
1
active
oldest
votes
You can add Expired time into your AuthenticationProperties, like below:
SignIn(new AuthenticationProperties
{
IsPersistent = e.Properties.IsPersistent,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1440)
}, principal);
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53413917%2fowincontext-authentication-signin-method-behave-differently-on-same-input%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can add Expired time into your AuthenticationProperties, like below:
SignIn(new AuthenticationProperties
{
IsPersistent = e.Properties.IsPersistent,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1440)
}, principal);
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
add a comment |
You can add Expired time into your AuthenticationProperties, like below:
SignIn(new AuthenticationProperties
{
IsPersistent = e.Properties.IsPersistent,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1440)
}, principal);
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
add a comment |
You can add Expired time into your AuthenticationProperties, like below:
SignIn(new AuthenticationProperties
{
IsPersistent = e.Properties.IsPersistent,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1440)
}, principal);
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
You can add Expired time into your AuthenticationProperties, like below:
SignIn(new AuthenticationProperties
{
IsPersistent = e.Properties.IsPersistent,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(1440)
}, principal);
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
answered Nov 21 '18 at 15:23
cuonglecuongle
56.3k25115173
56.3k25115173
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
add a comment |
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
Thanks for the answer, but it didn't help @cuongle
– Saso
Nov 22 '18 at 8:29
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53413917%2fowincontext-authentication-signin-method-behave-differently-on-same-input%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
how your sign in code looks like?
– cuongle
Nov 21 '18 at 14:20
@cuongle It is normal sign in page, the problem is that I am redirected there if I don't send a request for 30 minutes (which I set 30 minutes in my config file) . *And that only happens if I have this line here
– Saso
Nov 21 '18 at 14:55
Sorry I dont understand your problem if you don't show your code
– cuongle
Nov 21 '18 at 14:57
Sorry @cuongle I was in a rush, didn't understand your question well. this is my sign in code: (new AuthenticationProperties { IsPersistent = e.Properties.IsPersistent }, principal) where principal is the result of await manager.CreateIdentityAsync()
– Saso
Nov 21 '18 at 15:12