I couldn’t resist but write about the solution to the following problem as I have spent several hours on this.

If you are on .Net and you don’t want the user to type his username/password every time he comes to your website (even if he closes the browser and opens it again), you would typically use .Net’s Forms Authentication’s persistent cookie feature.

In your project you would use the following code:

1
2
//c# code
FormsAuthentication.SetAuthCookie(userName, true /*createPersistentCookie*/);
1
2
3
4
5
<!--web.config-->
<authentication mode="Forms">
        <!--2880 minutes is 48 hours-->
	<forms loginUrl="~/Account/SignIn" timeout="2880"/>
</authentication>

The above solution works well on all major desktop browsers but does not work on iPhone/iPad/iPod browsers like Safari & Chrome. I am not mentioning Opera because it does not behave the way modern browsers do.

I have spent several days looking for the solution.

The second suggestion from Scott Hanselman along with this suggestion from Brian Y worked only partially.

STEP 1:

Scott suggests adding cookieless=”UseCookies” attribute as follows.

1
2
3
<authentication mode="Forms" >
  <forms loginUrl="~/Account/SignIn" timeout="2880" cookieless="UseCookies" />
</authentication>

STEP 2:

Brian suggests adding the following xml block to a .browser (browser definition file) file under App_Browsers folder in the project. Read the above Scott’s article to know about browser definition files.

1
2
3
4
5
6
<!--This is part of browser definition file remember. Not web.config. -->
<browser refID="Mozilla" >
    <capabilities>
        <capability name="cookies"  value="true" />
    </capabilities>
</browser>

This worked partially. In the sense, if the user closed the browser and opened it again, it remembered the cookies and signed in without asking for the user credentials. But it ignored timeout=”2880″. So it worked only for 30 minutes.

And finally, few more days of hunting brought me to this article with suggests adding machineKey element to your web.config.

STEP 3:
The above mentioned article suggests generating machineKey from this online tool and adding it to your web.config.

That’s it!! Combination of STEP 1, STEP 2 & STEP 3 above will bring you to a working solution.

I was extremely thrilled to see Safari & Chrome working past several hours. This was not an easy thing to crack. Thanks to all the people involved in providing different solution to this problem.

Thanks to the readers :)