Forms Authentication is persisted between browser sessions

I have a claims forms-based authentication rig for my sharepoint 2010 website.

Currently when a logged-in user closes the browser and then re-opens 开发者_如何转开发it, they remain logged in.

How to you get the authentication ticket to expire on browser exit?

You can specify the authentication cookie to be non-persistent:

bool createPersistentCookie = false;
FormsAuthentication.SetAuthCookie(userName,createPersistentCookie,cookiePath);

SharePoint 2010 adds a new layer on top of the asp.net authentication mechanism.

This article discusses the problem and how to fix it.

http://jasear.wordpress.com/2011/01/10/sharepoint-2010-set-session-timout-on-a-fba-enabled-site/