tags:

views:

11713

answers:

6
+2  Q: 

Session timeout in ASP.NET

I am running an ASP.NET 2.0 application in IIS 6.0. I want session timeout to be 60 minutes rather than the default 20 minutes. I have done the following

  1. set in web.config
  2. Set session timeout to 60 minutes in IIS manager/Web site properties/ASP.NET configuration settings
  3. Set idle timeout to 60 minutes in application pool properties/performance.

I am still getting a session timeout at 20 minutes. Is there anything else I need to do?

Thanks

+3  A: 

That is usually all that you need to do...

Are you sure that after 20 minutes, the reason that the session is being lost is from being idle though...

There are many reasons as to why the session might be cleared. You can enable event logging for IIS and can then use the event viewer to see reasons why the session was cleared...you might find that it is for other reasons perhaps?

Try these links for event logging http://technet.microsoft.com/en-us/library/cc786887.aspx http://technet.microsoft.com/en-us/library/cc784734.aspx

davidsleeps  2009-03-16 02:05:31
A: 

I don't know about web.config or IIS. But I believe that from C# code you can do it like 

Session.Timeout = 60;
Dmitris  2009-03-16 02:11:13
+1  A: 

Do you have anything in machine.config that might be taking effect? Setting the session timeout in web.config should override any settings in IIS or machine.config, however, if you have a web.config file somewhere in a subfolder in your application, that setting will override the one in the root of your application.

Also, if I remember correctly, the timeout in IIS only affects .asp pages, not .aspx. Are you sure your session code in web.config is correct? It should look something like: 

<sessionState
    mode="InProc"
    stateConnectionString="tcpip=127.0.0.1:42424"
    stateNetworkTimeout="60"
    sqlConnectionString="data source=127.0.0.1;Integrated Security=SSPI"
    cookieless="false"
    timeout="60"
/>
Cory Larson  2009-03-16 03:20:23
A: 

Well the thing is you might did something wrong so better copy and paste your Web.config session part here.

Check it's :

Pooria  2009-03-16 03:30:20
+15  A: 

Are you using Forms authentication?

Forms authentication uses it own value for timeout (30 min. by default). A forms authentication timeout will send the user to the login page with the session still active. This may look like the behavior your app gives when session times out making it easy to confuse one with the other.

<system.web>
    <authentication mode="Forms">
          <forms timeout="50"/>
    </authentication>

    <sessionState timeout="60"  />
</system.web>

Setting the forms timeout to something less than the session timeout can give the user a window in which to log back in without losing any session data.

HectorMac  2009-03-16 12:04:39
You are right it was the authentication mode setting. Seems ok now. Thanks
klone  2009-03-16 13:46:44
@klone - can you set this answer as your solution, please?
gabe  2009-12-03 15:53:04
+1  A: 

Have you tried recycling the application pool?

Binoj Antony  2009-03-16 14:42:39

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps