0

I have a requirement to ensure the session expires only after 8 hours. However, users continually say they are getting kicked out multiple times throughout the day

Here are the settings I have:

  1. web.config:

    forms name=".MYUNIQUFORMSAUTH" loginUrl="/Login" enableCrossAppRedirects="true" requireSSL="false" timeout="480"

  2. IIS 7 - application pool - Idle Timeout set to 480

  3. ASP --> Session Properties --> 8:00:00

Am I missing something?

Improve this question
2
  • Are you sure the apppool is not being recycled or iis restarted? Commented Nov 18, 2014 at 0:05
  • This is deployed on a client server but I know IIS would not be getting restarted in business hours. Would the apppool recycle be a manual process? I doubt they would be recycling. Commented Nov 18, 2014 at 15:32

1 Answer 1

Reset to default
0

You are setting incorrect attribute in your web.config.

Instead of setting:

<forms timeout="480" ... />

Specifies the time, in integer minutes, after which the cookie expires.

you should set:

<sessionState timeout="480" ... />

Specifies the number of minutes a session can be idle before it is abandoned.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.