C#.NET How to set session time out to 6 hours with forms authentication?

c# asp.net session-timeout
11,970

Solution 1

There are some other timeout values that will affect session time out. One of them that comes to my mind is Worker Process Timeout(that is set from IIS). Worker Process's default time out is 20 mins, so if there is no activity in your site for 20 mins the worker process will end and causing your session to end if you are using session in InProc mode. So getting Worker Process's timeout value to 360 minutes is what you may need as well.

Solution 2

try this setting:

<authentication mode="Forms"> <forms timeout="360" slidingExpiration="true"/> </authentication>

couple things to check also:

  • if your FormsAuthenticationTicket is created with a lower cookie timeout value, that could override

  • if the application pool "shutdown worker processes" interval is lower, that would reset the state earlier

Solution 3

Instead of setting a session timeout, you could implement a mechanism to keep the session alive, eg: refresh the page or make an ajax call etc.

You could add to this by implementing a maximum login time, that can be checked etc

Solution 4

You need to adjust timeout and slidingExpiration:

<authentication mode="Forms">
    <forms requireSSL="false"
        defaultUrl="Default.aspx"
        loginUrl="Login.aspx"
        path="/"
        slidingExpiration="false"
        timeout="360"
        name=".ASPXFORMSAUTH">
    </forms>
</authentication>

Solution 5

Step by Step Instructions Configure Idle Worker Process Page-Out for a Single Application Pool 1.Open IIS Manager.

2.Select Applications Pools in the Connections pane, select an application pool in the Application Pool pane, and then click Advanced Settings... in the Actions pane.

3.In the Advanced Settings dialog box, under Process Model, Optionally set the Idle Time-out value from the default 20 minutes to a different time period.

4.Click OK.

Share:
11,970
Martijn
Author by

Martijn

Updated on July 14, 2022

Comments

  • Martijn
    Martijn almost 2 years

    In my application I use Forms Authentication and sessions. How do I take care that the user is logged out after a period of 6 hours?

    In my web.config I set the sessions time-out to 360 minutes. But after a period of 10 minutes of inactivity I have to login again.

    I also set my forms authentication timeout to 360 minutes. What is it I am doing wrong?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Auto redirect to login after session timeout
What is the best approach to handle session timeouts in asp.net
Session_End in Global.asax.cs not firing using forms authentication
How can I solve FileSystemException: Cannot retrieve length of file, path ='...' (OS Error: No such file or directory, errno = 2)
System.Web.HttpContext.Current.get returned null in asp.net mvc controller
Visual Studio Project Backup
Cannot convert from 'string' to 'System.Net.Http.HttpRequestMessage'
Google Drive API - Search all files inside a root folder and sub folders in C#
Update gridview without refreshing the page
how to update table data in sql database