I'm using ASP.NET MVC 3, with forms authentication (based on modified vanilla account code you get with file->new).
When you login, I am setting an auth cookie with
FormsAuthentication.SetAuthCookie(userName, true);
So this should set a persistent cookie. But if I close the browser and re-open, when I browse to the site I am forced to log in again! I can see using chrome dev tools that the cookie (.ASPXAUTH) is being created and not being deleted when I close the browser, so what's happening?
My web.config:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogIn" timeout="10000"/>
</authentication>
I'm testing this locally, under IIS if that makes any difference.
Best Answer
I'd better create myself a cookie using authentication ticket.
SetAuthCookie
creates an auth ticket under the hood. Have you tried making your own auth ticket? It will let you store extra data on it.Here's an example :
Hope this helps.