Last post Jun 25, 2011 06:22 AM by Ken Tucker
Jun 25, 2011 06:03 AM|gidmeister|LINK
We use session variables to see if our clients are "logged in" to our site. But some clients say they are suddenly logged out. We are thinking maybe the session timed out, though we don't know that for sure. We need to use asp.net for various things,
but we were wondering - if we don't use session variables (we are thinking of using cookies instead), then do we have to worry about timeout? Or will the asp.net page work, even if the user has gone off for a cup of coffee and come back in an hour?
Jun 25, 2011 06:22 AM|Ken Tucker|LINK
Yes you do. You would not want someone to log in and remain log in indefinately so the session has to expire. In the authenication section of the web.config you can set how long the session will last
<forms loginUrl="~/Account/LogOn" timeout="2880" />
Keep in mind that if the app pool your website is in recycles the session will expire also