It seems there is no functionlity behind in Remember Password (Check box) in Login page. Any work around on this?
Thanks
venkat
Remember Me Check box not working
- 714
- 9597
- 12/08/2009
- United States
Bunster wrote:
There is nothing that needs to be set, the Login property RememberMeSet is, by default, set to true in Modules\CustomerLogin.ascx (see lines 67-69) for version 1.40. When you log in with the checkbox checked, a cookie is stored in your browser (expires after 30 days -set in web.config) that will authenticate you for future sessions.
The "Remember Me" feature won't work if your browser is removing the cookies (after the session) or you log out. If you log out, the cookie will be removed and you will have to log in for your next session. Note, for security purposes, you (and your site's customers) should log out at the end of a session if you are using a public or shared computer to access your site.
Reference MSDN: Login.RememberMeSet Property
.
Is there a switch that must be flipped in order for the Remember Me to actually work? It's checked when I log in with my sample IDs, but it never does remember me from session to session.
There is nothing that needs to be set, the Login property RememberMeSet is, by default, set to true in Modules\CustomerLogin.ascx (see lines 67-69) for version 1.40. When you log in with the checkbox checked, a cookie is stored in your browser (expires after 30 days -set in web.config) that will authenticate you for future sessions.
The "Remember Me" feature won't work if your browser is removing the cookies (after the session) or you log out. If you log out, the cookie will be removed and you will have to log in for your next session. Note, for security purposes, you (and your site's customers) should log out at the end of a session if you are using a public or shared computer to access your site.
Reference MSDN: Login.RememberMeSet Property
.
- 69
- 1236
- 19/03/2010
- United States
There are some circumstances, however, when the 'remember me', or the cookie, or something, doesn't 'stick'. When I log in to my nopcommerce site (in the process of being set up), if I am in the administration section, a login lasts 2-3 minutes at most before I am taken back to the login screen. in the store area, again a login lasts 2-3 minutes before I get logged off. This happens within a single browser session. I have tested it on two computers on my network, with both firefox and with IE8. I tried specificly setting IE8 to accept cookies from my website, to no avail. I found the timeout = "43200" in the <authenticatoin> section of web.config, that seems correct(60 minutes X 24 hours X 30 days = 43200).
I have to use a satellite service as my ISP. My understanding is that with this service my IP address can appear to change every few minutes. I suspect this is part or all of the problem, but I am well out of my area of expertise when it comes to network issues.
It is interesting that I have stayed logged on to this site for probably 10 minutes now, so a solution must exist.
At any rate the problem brought up be the original poster can be real.
Any ideas appreciated.
I have to use a satellite service as my ISP. My understanding is that with this service my IP address can appear to change every few minutes. I suspect this is part or all of the problem, but I am well out of my area of expertise when it comes to network issues.
It is interesting that I have stayed logged on to this site for probably 10 minutes now, so a solution must exist.
At any rate the problem brought up be the original poster can be real.
Any ideas appreciated.
- 69
- 1236
- 19/03/2010
- United States
Setting the machineKey in web.config does the trick! Problem solved. I did, however, get the following error in the log file:
Log type: Unknown
Severity: 11
Message: Length of the data to decrypt is invalid.
Exception: System.Security.Cryptography.CryptographicException: Length of the data to decrypt is invalid. at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
IP address: 75.106.192.54
I used a 256 bit decryption key and a 512 bit validation key. I suspect that they are too long and got truncated. What key lengths are correct? 128? Thanks for the help. Been very enlightening.
Log type: Unknown
Severity: 11
Message: Length of the data to decrypt is invalid.
Exception: System.Security.Cryptography.CryptographicException: Length of the data to decrypt is invalid. at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.Handlers.AssemblyResourceLoader.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
IP address: 75.106.192.54
I used a 256 bit decryption key and a 512 bit validation key. I suspect that they are too long and got truncated. What key lengths are correct? 128? Thanks for the help. Been very enlightening.