Hi all,

I have been playing around with Issue Tracker source code, however I couldn't figure out how to extend the session timeout.  I believe the current timeout is around 20 minutes, which coincides with the default session state timeout.  But i found out that the session state is not defined in the web.config file.  This is because the Issue Tracker does not use the session state at all.  So by setting session state timeout to a longer time does not solve the problem.  Since Issue Tracker uses forms based authentication, it checks for (Request.IsAuthenticated == true) in the global.asax file.  A user is redirected to the login page if Request.IsAuthenticated returns false.  Apparently Request.IsAuthenticated is set to false after 20 minutes of idle time.  This is strange because the authentication ticket is set to expire in 10 hours (line 124 in global.asax.cs file) instead of 20 minutes.  And it seems to me Request.IsAuthenticated is not controlled by the authentication ticket because even if i manually delete the cookie immediately after I login, the Request.IsAuthenticated still returns true. 

Can anyone tell me how to extend the timeout so that Request.IsAuthenticated does not return false in like 1 hour?  Thanks.

Chris Shi

MCAD

in web.config file find <sessionState> node:

<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;

user id=sa;password=" cookieless="false" timeout="20" />

default is 20 - change it and that's it

And also can try the followings:

// Create a new ticket used for authentication
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(  1, // Ticket version          .