Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Feb 15, 2013 07:04 AM by jnc
Feb 14, 2013 05:02 PM|LINK
I am hosting on a new VPS website and I am very unfamiliar,
I don’t know if this is relevant but I am in the UK and the Server is in the US my VPS server time is GMT
In my web.config I have <sessionState timeout="360" />
and when I save my cookies I am setting expiry + 12 hours
clearly I am missing something any ideas anyone?
Feb 14, 2013 05:57 PM|LINK
Your host provider might be limiting the session timeout. I'd check with them on that.
Feb 14, 2013 06:01 PM|LINK
I have full control of Server 2008 web edition, I am afraid it is me,
where do I look?
Feb 14, 2013 10:37 PM|LINK
Most likely, your application pool recycles frequently. When you're using the default SessionState Mode "InProc", All sessions are destroyed. To overcome this, you need to use another SessionState Mode
But Forms Authentication has nothing to do with Session, it is using cookies. But the cookies are encrypyed and decrypted using the machinekey section in your web.config. If you didn't specify one, ASP.NET will create one for you. But when the application
pool recycles, ASP.NET will create a new key, and the cookies that are encrypted using the previous key cannot be decrypted using the new key, so users are redirected to the login page. The solution is to add a machinekey section to web.config, so the same
key is used on each and every request.
Also, try to find out why your application pool is recycling frequently?
Feb 15, 2013 07:04 AM|LINK
Very interesting, all makes sense
My App Pool was set to recycle every 30 mins I returned that to 1740
I have turned off Machine key auto generation and added one to web.config
Session timeout is 720
I have done sone 30 min test I am now half way into an hour