Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Nov 07, 2012 01:45 PM by hans_v
Nov 06, 2012 09:39 AM|LINK
Hi, I'm using asp.net forms auth.. My app is timeout withing few seconds.
What should be the reason
Nov 06, 2012 09:42 AM|LINK
You can set your own time
Nov 06, 2012 10:07 AM|LINK
Nov 06, 2012 12:51 PM|LINK
You will need to elaborate on what's actually going wrong. What part of your app is failing, what does the user see, what's the part of your code that detects this, etc?
Nov 07, 2012 04:06 AM|LINK
Here is my config file
<sessionState mode="InProc" timeout="60"></sessionState>
<customErrors mode="Off" />
<deny users="?" />
<forms loginUrl="~/Account/Login.aspx" protection="All" timeout="30" />
And when auto login i used below code for update the member.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.Email, DateTime.Now, DateTime.Now.AddMinutes(60), true, "ClientMaster", FormsAuthentication.FormsCookiePath);
Wrong is when i wait less than 1 min and try to browse the site, it will redirect me to the login page.
Nov 07, 2012 08:56 AM|LINK
Ok here you need to do 2 changes,
1)Set sliding expiration true(even if default is true)
2)Set the timeout to more than session timeout (May be sessiontimeout * 2) yours is 60 so I am setting to 120 you can change if you want but it should be greater that session timeout.
slidingExpiration = "true"
Let me know if it doesn't work. Please dont forget to mark as answer if resolved.
Nov 07, 2012 12:30 PM|LINK
If you are using IIS 7, Check
this article for session timeout problem resolution. It will definately help to resolve your problem as I have faced similar issue and later on decided to write the resolution steps so that others can also be benefited.
Hope it helps !!!
Nov 07, 2012 01:45 PM|LINK
Most likely your application pool recycles frequently. This is a very common issue on shared hosted environments. When the applicaton pool recycles, and you're using session state mode InProc (the dafault), all sessions are lost. But that doesn't affect
your authentication. But if you didn't specify a machinekey in your web.config, authenticaton cookies can become invalid also. This is because this key is used to encrypt and decrypt the authentication cookie. If you didn't specify a macinekey, ASP.NET will
generate one for you. But sometimes (I'm not sure when because this isn't very wel documented in MSDN), when the application pool recycles, ASP.NET will generate a new key (MSDN says that it will generate the same key everytime but this is not always the case).
When this happens, authenticaton cookies encrypted using the previous key cannot be decrypted using the new key, so the cookie isn't valid anymore. To overcome this problem, add a machinekey to web.config, so the same key is used each and every time