c# - How does RememberMe setting work with WebSecurity in an MVC project? -



c# - How does RememberMe setting work with WebSecurity in an MVC project? -

in sample/default mvc 4 project, can see when user logs in remember me checkbox on, persistcookie parameter of websecurity.login method set true.

how work? value of persistcookie saved? looked through tables created security feature , not see anywhere user set persist login.

what mechanism enables user log in? presence of .aspxauth cookie? or compare cookie value not seeing.

how work?

by creating persistent cookie.

where value of persistcookie saved?

as file on client machine survives browser restarts.

what mechanism enables user log in?

this mechanism called persistent cookie. cookie considered persistent if when beingness set expires property beingness set date in future. in case browser store cookie on client computer file instead of keeping in memory.

here's illustration of how creating persistent cookie looks in terms of http protocol:

set-cookie: cookiename=cookievalue;path=/;expires=wed, 12-oct-2016 21:47:09 gmt;

and here's how setting session cookie looks not survive browser restarts:

set-cookie: cookiename=cookievalue;path=/;

now go ahead, download fiddler , inspect network traffic see difference.

c# asp.net asp.net-mvc security cookies

Comments

Popular posts from this blog

assembly - What is the addressing mode for ld, add, and rjmp instructions? -

vowpalwabbit - Interpreting Vowpal Wabbit results: Why are some lines appended by "h"? -

Is there a way to convert an HTML page styled with Bootstrap CSS into email-compatible html? -