Session timeout in ASP NET

Question

I am running an ASP NET 2 0 application in IIS 6 0  I want session timeout to be 60 minutes rather than the default 20 minutes  I have done the following   Set  lt sessionState timeout  60  gt  lt  sessionState gt  in web config  Set session timeout to 60 minutes in IIS manager Web site properties ASP NET configuration settings  Set idle timeout to 60 minutes in application pool properties performance    I am still getting a session timeout at 20 minutes  Is there anything else I need to do

User · Answer

if you are want session timeout for website than remove   lt authentication mode  Forms  gt         lt forms timeout  50   gt   lt  authentication gt    tag from web config file

User · Answer

If you are using Authentication  I recommend adding the following in web config file   In my case  users are redirected to the login page upon timing out    lt authentication mode  Forms  gt       lt forms defaultUrl  Login aspx  timeout  120   gt   lt  authentication gt

User · Answer

The default session timeout is defined into IIS to 20 minutes  Follow the procedures below for each site hosted on the IIS 8 5 web       Open the IIS 8 5 Manager       Click the site name       Select  Configuration Editor  under the  Management  section       From the  Section   drop-down list at the top of the configuration   editor  locate  system web sessionState        Set the  timeout  to  00 20 00 or less     using the lowest value   possible depending upon the application  Acceptable values are 5   minutes for high-value applications  10 minutes for medium-value   applications  and 20 minutes for low-value applications       In the  Actions  pane  click  Apply

User · Answer

Do you have anything in machine config that might be taking effect   Setting the session timeout in web config should override any settings in IIS or machine config  however  if you have a web config file somewhere in a subfolder in your application  that setting will override the one in the root of your application   Also  if I remember correctly  the timeout in IIS only affects  asp pages  not  aspx   Are you sure your session code in web config is correct   It should look something like     lt sessionState     mode  InProc      stateConnectionString  tcpip 127 0 0 1 42424      stateNetworkTimeout  60      sqlConnectionString  data source 127 0 0 1 Integrated Security SSPI      cookieless  false      timeout  60    gt

User · Answer

IIS sessions timeout value is for classic  asp applications only  this is controlled on IIS configuration   In your case For ASP NET apps  only the web config-specified timeout value applies

User · Answer

The Timeout property specifies the time-out period assigned to the Session object for the application  in minutes  If the user does not refresh or request a page within the time-out period  the session ends      IIS 6 0  The minimum allowed value is 1 minute and the maximum is   1440 minutes    Session Timeout   600

User · Answer

That is usually all that you need to do     Are you sure that after 20 minutes  the reason that the session is being lost is from being idle though     There are many reasons as to why the session might be cleared  You can enable event logging for IIS and can then use the event viewer to see reasons why the session was cleared   you might find that it is for other reasons perhaps   You can also read the documentation for event messages and the associated table of events

User · Answer

I don t know about web config or IIS  But I believe that from C  code you can do it like   Session Timeout   60     60 is number of minutes

User · Answer

Use the following code block in your web config file  Here default session time out is 80 mins    lt system web gt    lt sessionState mode  InProc  cookieless  false  timeout  80    gt   lt  system web gt    Use the following link for Session Timeout with popup alert message   Session Timeout Example  FYI The above examples is done with devexpress popup control so you need to customize replace devexpress popup control with normal popup control  If your using devexpress no need to customize

User · Answer

You can find the setting here in IIS     It can be found at the server level  web site level  or app level under  ASP    I think you can set it at the web config level here  Please confirm this for yourself    lt configuration gt      lt system web gt          lt  -- Session Timeout in Minutes  Also in Global asax  -- gt          lt sessionState timeout  1440   gt       lt  system web gt   lt  configuration gt

User · Answer

Since ASP Net core 1 0  vNext or whatever name is used for it  sessions are implemented differently  I changed the session timeout value in Startup cs  void ConfigureServices using   services AddSession options   gt  options IdleTimeout   TimeSpan FromSeconds 42      Or if you want to use the appsettings json file  you can do something like      Appsettings json  SessionOptions          IdleTimeout    00 30 00        Startup cs services AddSession options   gt  options IdleTimeout   TimeSpan Parse Config GetSection  SessionOptions    IdleTimeout

User · Answer

In my situation  it was Application Pool  It is set to restart when idle for xx mins  When I set it to not restart  it seems to use value from Web Config

User · Answer

https   usefulaspandcsharp wordpress com tag session-timeout    lt authentication mode  Forms  gt     lt forms loginUrl  Login aspx  name   ASPXFORMSAUTH  timeout  60  slidingExpiration  true    gt   lt  authentication gt    lt sessionState mode  InProc  timeout  60    gt

User · Answer

Are you using Forms authentication   Forms authentication uses it own value for timeout  30 min  by default   A forms authentication timeout will send the user to the login page with the session still active  This may look like the behavior your app gives when session times out making it easy to confuse one with the other    lt system web gt       lt authentication mode  Forms  gt             lt forms timeout  50   gt       lt  authentication gt        lt sessionState timeout  60     gt   lt  system web gt    Setting the forms timeout to something less than the session timeout can give the user a window in which to log back in without losing any session data

User · Answer

After changing the session timeout value in IIS  Kindly restart the IIS  To achieve this go to command prompt  Type IISRESET and press enter

[asp.net] Session timeout in ASP.NET

Examples related to asp.net

Examples related to session

Examples related to timeout