2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>

	* FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
	the cookie if SlidingExpiration is set. Thanks to Jim Pease.

svn path=/branches/mono-1-0/mcs/; revision=32677

2 files changed, 11 insertions, 1 deletions

diff --git a/mcs/class/System.Web/System.Web.Security/ChangeLog b/mcs/class/System.Web/System.Web.Security/ChangeLog
index cf7612e3ae3..18d1dade663 100644
--- a/mcs/class/System.Web/System.Web.Security/ChangeLog
+++ b/mcs/class/System.Web/System.Web.Security/ChangeLog
@@ -1,3 +1,8 @@
+2004-08-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
+
+	* FormsAuthenticationModule.cs: don't renew expired cookies. Only renew
+	the cookie if SlidingExpiration is set. Thanks to Jim Pease.
+
 2004-06-12  Pedro Martínez Juliá  <yoros@wanadoo.es>
 
 	* FormsAuthentication.cs: Undo last change.
diff --git a/mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs b/mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs
index f46923ad5b8..ac9f3c31327 100644
--- a/mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs
+++ b/mcs/class/System.Web/System.Web.Security/FormsAuthenticationModule.cs
@@ -82,7 +82,12 @@ namespace System.Web.Security
 				return;
 
 			FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt (cookie.Value);
-			ticket = FormsAuthentication.RenewTicketIfOld (ticket);
+			if (ticket == null || ticket.Expired)
+				return;
+
+			if (config.SlidingExpiration)
+				ticket = FormsAuthentication.RenewTicketIfOld (ticket);
+
 			context.User = new GenericPrincipal (new FormsIdentity (ticket), new string [0]);
 
 			cookie.Value = FormsAuthentication.Encrypt (ticket);