VS.NET 2003
I'm using Forms authentication in my app and calling
FormsAuthentication.RedirectFromLoginPage( string userName, bool setPersistentCookie )
on successful login. My question is about the userName parameter and the case where a user may log in to the app multiple times at once (in different browser windows/tabs) on the same machine, or even on different machines. Using the same machine as an example:
1. User Joe logs in. "Joe" is passed as parameter "userName" and a cookie is created on Joe's PC.
2. Joe fires up another browser session and logs in again. The same user name "Joe" is passed to FormsAuthentication.RedirectFromLoginPage().
Does ASP.NET "automagically" create a separate cookie (and by extension, separate session) for this second browser instance? In my informal testing this seems to be the case: (BTW setPersistentCookie is always false in my app)
- If I try to go to Default.aspx in instance 1, I get redirected to login.aspx. I log in and Default.aspx comes up as expected.
- While instance 1 is still running I fire up instance 2 and try to go directly to Default.aspx. Once again, I'm redirected to the login page - after login I'm once again in Default.aspx as expected.
I suspect there could be issues with persistent cookies - fortunately I'm avoiding them in this app.
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up