ASP.NET: User won't stay logged in for more than 30 mins

Question

This is really irritating me, and is probably causing the waning usership on my website. I'm using Forms Authentication to log my user in.

I have the "Persist" parameter set to true by default when the user logs in:

RedirectFromLoginPage(userString, True)

and

SetAuthCookie(userString, True)

In my web.Config file I have the "timeout" attribute set to "129600":

<authentication mode="Forms">
    <forms loginUrl="/registration/login.aspx"
    timeout="129600" slidingExpiration="true" />
</authentication>

I called my hosting company and they said the problem has to be with my code. I don't believe this is the case.

What the #(@%&@(#%&@(#*% could be wrong??

EDIT This used to work fine until I switched hosts. That led me to believe that it was not my code, but in fact the host.

EDIT 2 In response to a comment to use Fiddler, here's what I get from Fiddler when I load the page:

Set-Cookie: .ASPXAUTH=; expires=Tue, 12-Oct-1999 07:00:00 GMT; path=/; HttpOnly
Set-Cookie: .ASPXAUTH=[some gobbledygook]; 
  expires=Sun, 15-Nov-2009 20:46:29 GMT; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=vudqghfplqnh5hz1qw1cwebt; path=/; HttpOnly

Answer 1

There are a number of things that could be causing a timeout. This Blog provides a great overview.

Answer 2

Don't forget to use sessionstate timeout.

Answer 3

You could use Fiddler to verify the expiration date set on the cookie that comes back from the login page.

Answer 4

The cause of this behavior for me is usually the IIS Idle Timeout.

Answer 5

Your app pool could be recycling - either on some set time period, or based on a threshold on memory or processor. If it used to work fine, and nothing else changed, I think that would be where I would investigate first.