ASP.NET Authentication sliding expiry time on custom ticket

Question

I am creating my own authentication ticket using the following code:

string formsCookieStr = string.Empty;
FormsAuthenticationTicket ticket = new FormsAuthen         


        

Answer 1

That's configured in the forms section of web.config. The way sliding expiration works is that on each request the ASP.NET engine rewrites the authentication cookie by incrementing the timeout:

Note however that enabling sliding expiration is one of the things considered as bad practice in the ASP.NET Security Practices.