Developer forum

Forum » Templates » Automatic log-out extranet after session-timeout

Automatic log-out extranet after session-timeout

Michael Fløe Haug

According to Nets security demands, a webshop extranet user should be logged out automatically if the user has been inactive for the time of the session-timeout (or other time set). This is not happening in DW today. Maybe it can be implemented in the template?


Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen

Hi Michael

I've never heard that one before - if you have a link I would appreciate it - so we can make it controllable to that level. What if a user have a remember username and password checkbox? Is that not allowed either? Or if the browser remembers the username or password?

Dynamicweb will keep the login cookie alive for as long as the browser is open - but the session will still expire, but trigger a new silent login if that happens.

To change the expiration of that cookie to 20 mins, you can add this snippet to the end of your master/layout template.

            //Change expiration of the login cookie
            Dynamicweb.Environment.Cookie cookie = Dynamicweb.Context.Current.Request.Cookies["DW_ExtranetSessionCookie"];
            if (cookie != null)
                cookie.Expires = System.DateTime.Now.AddMinutes(20);

Thanks, Nicolai

Michael Fløe Haug

Thanx Nicolai, I will try your snippet on the solution.

I have a link

18.3 Sikkerhedskrav


Alexander Tømmerholen


Is the code above still best practice to log off user after x amount of time has passed? or has there been any changes? We have a customer where they want users to be logged off after 5 mins, because of security reasons. When I tried the code above I was not able to make it work. The solution are running on the newest version of dynamicweb.

Best Regards


You must be logged in to post in the forum