According to your code and description, I would like to suggest you check your code to see if there is anything breaking. Because, we could set the
timeout session attribute in the Web.config file and the code-behind file. The following is a sample, you could refer to it:
If we set the timeout session attribute like this, the session's expire time is 1 minute. So, please check you code.
If you have any other questions about my reply, please let me know freely.
Best Regards,
Dillion
.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today.
According to your code and description, I would like to suggest you check your code to see if there is anything breaking.
My guess is that the OP is confusing session timeout with forms authentication timeout - a very common cause for confusion. Many people try to increase the amount of time a user is logged in by increasing the session timeout, and when the user is logged
out earlier than expected, they believe that the session has expired. In fact, the forms authentication cookie has expired. That's what I have asked the OP what makes them think that the session is timing out early.
@pradipthite: you have yet to come back and answer my question, but if what I said above seems possible, you should increase the value of your forms authentication timeout in the web.config, not the session timeout value.
if you want long session timeouts, you should not use the in-proc session provider. you should switch the sqlserver provider, then you can have session stored for weeks (use persistent cookie).
I agree with Mike regarding the Forms Authentication and the actual Session timeouts. This appears to happen all of the type due to the fact that people often refer to the act of a user being logged in as a "Session" and just associate the two.
If this is occurring after 20 minutes, it's very likely an Idle Timeout through IIS (seen in the third section below). I'll paste the following which I have posted in the past and contains all of the necessary steps to change all of these various
timeouts (Forms Authentication, Session and IIS Idle Timeouts) :
There are quite a few ways to set timeouts within .NET (Session Timeouts, Forms Authentication Timeouts and IIS-related Timeouts) so a few things could be going wrong here so I'll detail each of them below.
Setting the SessionState Timeout within your web.config
You can update the timeout property of your Session State (if that is what is actually timing out) within your web.config file in the <sessionState> element as shown below (default of 20 minutes shown below):
Setting the Forms Authentication Timeout within your web.config
You can adjust the specific timeout property of your Forms Authentication in your application by adjusting the timeout property within the <authentication> element of your web.config file. You will also want to be mindful that if you are using the slidingExpiration
property in conjunction with timeouts as they can actually expire much earlier than the timeout listed.
However, if you are using the slidingExpiration property, the authentication token can expire when half of the timeout duration has elapsed. So you'll likely want to double your timeout value if you are using it :
Setting the Application IdleTimeout property within IIS
You may need to check what your timeout is configured for within IIS, as this timeout will override the timeouts defined in your web.config.
Within IIS there is a setting called Idle Timeout, which defaults at 20 minutes. This could explain your early timeout issue and you may want to consider adjusting this property within IIS. Based on your issue, this could likely be the culprit :
None
0 Points
16 Posts
How to increase session time in asp.net
Sep 23, 2014 02:45 AM|pradipthite|LINK
hello friends,
i am developing one application where i want to increase session timeout...i have set timeout in web.config file but it seems to be not working..
<sessionstate mode="InProc" timeout="2000"> please help me friends..
All-Star
194434 Points
28074 Posts
Moderator
Re: How to increase session time in asp.net
Sep 23, 2014 03:18 AM|Mikesdotnetting|LINK
What makes you think it's not working?
None
0 Points
16 Posts
Re: How to increase session time in asp.net
Sep 23, 2014 04:35 AM|pradipthite|LINK
I had set it but its not properly working ,after 20 minutes it is automatically closed...
so please resolve my this problem by giving me a reply as early as possible to you..
thanks...
All-Star
194434 Points
28074 Posts
Moderator
Re: How to increase session time in asp.net
Sep 23, 2014 04:41 AM|Mikesdotnetting|LINK
I'll ask again - what evidence do you have that makes you think that the session still times out after 20 minutes?
All-Star
45489 Points
7008 Posts
Microsoft
Re: How to increase session time in asp.net
Sep 24, 2014 05:28 AM|Zhi Lv - MSFT|LINK
Hi pradipthite,
According to your code and description, I would like to suggest you check your code to see if there is anything breaking. Because, we could set the timeout session attribute in the Web.config file and the code-behind file. The following is a sample, you could refer to it:
Code in Web.config file:
Code in Page (.aspx.cs)
If we set the timeout session attribute like this, the session's expire time is 1 minute. So, please check you code.
If you have any other questions about my reply, please let me know freely.
Best Regards,
Dillion
All-Star
194434 Points
28074 Posts
Moderator
Re: How to increase session time in asp.net
Sep 24, 2014 06:17 AM|Mikesdotnetting|LINK
My guess is that the OP is confusing session timeout with forms authentication timeout - a very common cause for confusion. Many people try to increase the amount of time a user is logged in by increasing the session timeout, and when the user is logged out earlier than expected, they believe that the session has expired. In fact, the forms authentication cookie has expired. That's what I have asked the OP what makes them think that the session is timing out early.
@pradipthite: you have yet to come back and answer my question, but if what I said above seems possible, you should increase the value of your forms authentication timeout in the web.config, not the session timeout value.
Alternatively, your sessions might be cut short by the application pool associated with your site being recycled. By default, if there are no requests at all to your site for 20 minutes, the worker process will shut down killing your sessions. You will need access to IIS to change this: http://technet.microsoft.com/en-us/library/cc771956(v=ws.10).aspx. If you cannot change the setting, you could try using AJAX to keep your sessions alive: http://www.beansoftware.com/ASP.NET-Tutorials/Keep-Session-Alive.aspx
All-Star
58164 Points
15646 Posts
Re: How to increase session time in asp.net
Sep 24, 2014 11:06 AM|bruce (sqlwork.com)|LINK
if you want long session timeouts, you should not use the in-proc session provider. you should switch the sqlserver provider, then you can have session stored for weeks (use persistent cookie).
All-Star
114593 Points
18503 Posts
MVP
Re: How to increase session time in asp.net
Sep 24, 2014 12:05 PM|Rion Williams|LINK
I agree with Mike regarding the Forms Authentication and the actual Session timeouts. This appears to happen all of the type due to the fact that people often refer to the act of a user being logged in as a "Session" and just associate the two.
If this is occurring after 20 minutes, it's very likely an Idle Timeout through IIS (seen in the third section below). I'll paste the following which I have posted in the past and contains all of the necessary steps to change all of these various timeouts (Forms Authentication, Session and IIS Idle Timeouts) :
There are quite a few ways to set timeouts within .NET (Session Timeouts, Forms Authentication Timeouts and IIS-related Timeouts) so a few things could be going wrong here so I'll detail each of them below.
Setting the SessionState Timeout within your web.config
You can update the timeout property of your Session State (if that is what is actually timing out) within your web.config file in the <sessionState> element as shown below (default of 20 minutes shown below):
so you could simply change this to the number of minutes that you wanted. For instance 3 hours would be :
Setting the Forms Authentication Timeout within your web.config
You can adjust the specific timeout property of your Forms Authentication in your application by adjusting the timeout property within the <authentication> element of your web.config file. You will also want to be mindful that if you are using the slidingExpiration property in conjunction with timeouts as they can actually expire much earlier than the timeout listed.
So if you wanted to extend the amount that the authentication token stays "alive" for to say 180 minutes (3 hours), you would set it as seen below :
However, if you are using the slidingExpiration property, the authentication token can expire when half of the timeout duration has elapsed. So you'll likely want to double your timeout value if you are using it :
Setting the Application IdleTimeout property within IIS
You may need to check what your timeout is configured for within IIS, as this timeout will override the timeouts defined in your web.config.
Within IIS there is a setting called Idle Timeout, which defaults at 20 minutes. This could explain your early timeout issue and you may want to consider adjusting this property within IIS. Based on your issue, this could likely be the culprit :
Scott Hanselman also addresses strange issues that can occur when dealing with timeouts when using Forms Authentication in this blog post as well.