Dealing with cookies expiration in forms authentication in MOSS sites

Few days back I was looking at a time out issue in a MOSS site having forms authentication. Even after setting the timeout to be 10 hours in the site and in IIS, still the authentication cookie seem to expire.

Then I found a simple solution. The timeout attribute should be given in web.config of the site in question. Open the web.config of the site, and look for the tag



Below this, there is ought to be a tag. Place the timeout attribute in the forms tag which would look something like as

enableCrossAppRedirects="false" />

Timeout is given in minutes.

For other settings to be done when having forms authentication for a MOSS/WSS site, go through this post:

http://www.cnblogs.com/WCFGROUP/archive/2008/06/02/1212150.html

Additionally, for cookies to be retained in forms authentication enabled subsites, install SP1 on IE 6.0, otherwise they would not be retained and on opening any subsite, user would be prompted again for logging in.