Developer forum

Forum » Templates » Automatic log-out extranet after session-timeout

Automatic log-out extranet after session-timeout

Michael Fløe Haug
Reply

According to Nets security demands, a webshop extranet user should be logged out automatically if the user has been inactive for the time of the session-timeout (or other time set). This is not happening in DW today. Maybe it can be implemented in the template?

Replies

 
Nicolai Pedersen
Nicolai Pedersen
Reply

Hi Michael

I've never heard that one before - if you have a link I would appreciate it - so we can make it controllable to that level. What if a user have a remember username and password checkbox? Is that not allowed either? Or if the browser remembers the username or password?

Dynamicweb will keep the login cookie alive for as long as the browser is open - but the session will still expire, but trigger a new silent login if that happens.

To change the expiration of that cookie to 20 mins, you can add this snippet to the end of your master/layout template.

            //Change expiration of the login cookie
            Dynamicweb.Environment.Cookie cookie = Dynamicweb.Context.Current.Request.Cookies["DW_ExtranetSessionCookie"];
            if (cookie != null)
            {
                cookie.Expires = System.DateTime.Now.AddMinutes(20);
                Dynamicweb.Environment.CookieManager.UpdateCookie(cookie);
            }

Thanks, Nicolai

 
Michael Fløe Haug
Reply

Thanx Nicolai, I will try your snippet on the solution.

I have a link https://www.nets.eu/globalassets/documents/denmark/in-danish/teller_terms_dk_300915_1059pdf

18.3 Sikkerhedskrav

Michael

 
Alexander Tømmerholen
Reply

Hello,

Is the code above still best practice to log off user after x amount of time has passed? or has there been any changes? We have a customer where they want users to be logged off after 5 mins, because of security reasons. When I tried the code above I was not able to make it work. The solution are running on the newest version of dynamicweb.

Best Regards
Alexander

 

You must be logged in to post in the forum