I have a role based ASP.NET C# web application in which I am putting the menu object inside a session and I have a session timeout configured in the web.config as below:
<forms defaultUrl="Home.aspx" loginUrl="Login.aspx" name=".ASPXFORMSAUTH" timeout="10"></forms>
I first logged into the system as an employee and waited until the session expires and then when I click a link in the menu I am being rightly redirected to the login page with the ReturnUrl parameter. Now when I try to login to the system as an administrator I am still seeing the employee menu and not the admin menu. The method which loads the menu 1st checks to see if the menu session object is not null if so loads the menu from the session if not then it builds the menu and put it into session. So when the system timesout the menu session object is not being cleared. How can I fix this?