I am hosting on a new VPS website and I am very unfamiliar,
I don’t know if this is relevant but I am in the UK and the Server is in the US my VPS server time is GMT
In my web.config I have <sessionState timeout="360" />
and when I save my cookies I am setting expiry + 12 hours
Most likely, your application pool recycles frequently. When you're using the default SessionState Mode "InProc", All sessions are destroyed. To overcome this, you need to use another SessionState Mode
But Forms Authentication has nothing to do with Session, it is using cookies. But the cookies are encrypyed and decrypted using the machinekey section in your web.config. If you didn't specify one, ASP.NET will create one for you. But when the application
pool recycles, ASP.NET will create a new key, and the cookies that are encrypted using the previous key cannot be decrypted using the new key, so users are redirected to the login page. The solution is to add a machinekey section to web.config, so the same
key is used on each and every request.
My App Pool was set to recycle every 30 mins I returned that to 1740
I have turned off Machine key auto generation and added one to web.config
Session timeout is 720
I have done sone 30 min test I am now half way into an hour
jnc
Participant
1030 Points
380 Posts
Users getting kicked out
Feb 14, 2013 05:02 PM|LINK
I am hosting on a new VPS website and I am very unfamiliar,
I don’t know if this is relevant but I am in the UK and the Server is in the US my VPS server time is GMT
In my web.config I have <sessionState timeout="360" />
and when I save my cookies I am setting expiry + 12 hours
clearly I am missing something any ideas anyone?
MetalAsp.Net
All-Star
112718 Points
18367 Posts
Moderator
Re: Users getting kicked out
Feb 14, 2013 05:57 PM|LINK
Your host provider might be limiting the session timeout. I'd check with them on that.
jnc
Participant
1030 Points
380 Posts
Re: Users getting kicked out
Feb 14, 2013 06:01 PM|LINK
Thanks
I have full control of Server 2008 web edition, I am afraid it is me,
where do I look?
hans_v
All-Star
35998 Points
6551 Posts
Re: Users getting kicked out
Feb 14, 2013 10:37 PM|LINK
Most likely, your application pool recycles frequently. When you're using the default SessionState Mode "InProc", All sessions are destroyed. To overcome this, you need to use another SessionState Mode
http://msdn.microsoft.com/en-us/library/h6bb9cz9(v=vs.100).aspx
But Forms Authentication has nothing to do with Session, it is using cookies. But the cookies are encrypyed and decrypted using the machinekey section in your web.config. If you didn't specify one, ASP.NET will create one for you. But when the application pool recycles, ASP.NET will create a new key, and the cookies that are encrypted using the previous key cannot be decrypted using the new key, so users are redirected to the login page. The solution is to add a machinekey section to web.config, so the same key is used on each and every request.
http://aspnetresources.com/tools/machineKey
Also, try to find out why your application pool is recycling frequently?
http://blogs.msdn.com/b/johan/archive/2007/05/16/common-reasons-why-your-application-pool-may-unexpectedly-recycle.aspx
jnc
Participant
1030 Points
380 Posts
Re: Users getting kicked out
Feb 15, 2013 07:04 AM|LINK
Thank you
Very interesting, all makes sense
My App Pool was set to recycle every 30 mins I returned that to 1740
I have turned off Machine key auto generation and added one to web.config
Session timeout is 720
I have done sone 30 min test I am now half way into an hour