I'm trying to check the Expired property of the user's current FormsAuthenticationTicket to see if the authentication period has expired. But when the period has expired, I'm never able to get enough information to even create the ticket to check. I've tried this:
FormsIdentity id = (FormsIdentity)User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
But User is null when the authentication period has expired. So that won't work. I've tried this:
HttpCookie authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
But the Forms Cookie is gone when the authentication period has expired, meaning authCookie will be null. So that doesn't work.
Is there any way to actually get the FormsAuthenticationTicket object when the authentication period has expired? There must be, because there's an "Expired" property in the object. What am I missing?
Thanks.
An expired cookie is left out of the headers by the client browser. So there is no code-behind method of retrieving it since the client will never give it to you. It might be possible to use javascript cookies to retrieve the raw cookie data and put it into a post header or AJAX call for some purpose, but I believe the javascript cookie mechanism has the same expiration restrictions as the browser. Expired cookies are no longer valid, and thus not accessible.