Last post Oct 04, 2014 08:07 PM by hans_v
Oct 02, 2014 04:36 AM|krisomcts|LINK
I have a website which user session object to save some data through out the operation. It seems that the session times out frequently even if the session timeout is set to 1hour.
Is thr any way to prevent session from timing out? it is really annoying, that is why.
Oct 02, 2014 04:46 AM|francissvk|LINK
Are you using shared hosting or dedicated server?
Oct 02, 2014 04:55 AM|krisomcts|LINK
Oct 02, 2014 05:20 AM|francissvk|LINK
Most of the shared hosting have the default time out for the session as 20 minutes. Also, if your hosting provider offer webfarm environment then it will create the problem too.
Please contact your hosting provider.
Oct 04, 2014 07:15 AM|dyyo|LINK
Hope it help
Oct 04, 2014 09:35 AM|Rion Williams|LINK
If this is occurring after 20 minutes, it's very likely an Idle Timeout through IIS (seen in the third section below). I'll paste the following which I have posted in the past and contains all of the necessary steps to change all of these various
timeouts (Forms Authentication, Session and IIS Idle Timeouts) :
There are quite a few ways to set timeouts within .NET (Session Timeouts, Forms Authentication Timeouts and IIS-related Timeouts) so a few things could be going wrong here so I'll detail each of them below.
Setting the SessionState Timeout within your web.config
You can update the timeout property of your Session State (if that is what is actually timing out) within your web.config file in the <sessionState> element as shown below (default of 20 minutes shown below):
<configuration> <system.web> <!-- Adjust the timeout property below --> <sessionState mode="InProc" timeout="20"/></sessionState> </system.web> </configuration>
so you could simply change this to the number of minutes that you wanted. For instance 3 hours would be :
<sessionState mode="InProc" timeout="180"/></sessionState>
Setting the Forms Authentication Timeout within your web.config
You can adjust the specific timeout property of your Forms Authentication in your application by adjusting the timeout property within the <authentication> element of your web.config file. You will also want to be mindful that if you are using the slidingExpiration
property in conjunction with timeouts as they can actually expire much earlier than the timeout listed.
<authentication mode="Forms"> <forms name=".ASPXAUTH" loginUrl="~/Login.aspx" timeout="yourTimeoutInMinutes"></forms> </authentication>
So if you wanted to extend the amount that the authentication token stays "alive" for to say 180 minutes (3 hours), you would set it as seen below :
<authentication mode="Forms"> <forms name=".ASPXAUTH" loginUrl="~/Login.aspx" timeout="180"></forms> </authentication>
However, if you are using the slidingExpiration property, the authentication token can expire when half of the timeout duration has elapsed. So you'll likely want to double your timeout value if you are using it :
<authentication mode="Forms"> <forms name=".ASPXAUTH" loginUrl="~/Login.aspx" timeout="360" slidingExpiration="true"></forms> </authentication>
Setting the Application IdleTimeout property within IIS
You may need to check what your timeout is configured for within IIS, as this timeout will override the timeouts defined in your web.config.
Within IIS there is a setting called Idle Timeout, which defaults at 20 minutes. This could explain your early timeout issue and you may want to consider adjusting this property within IIS. Based on your issue, this could likely be the culprit :
Scott Hanselman also addresses strange issues that can occur when dealing with timeouts when using Forms Authentication in this blog post as
Oct 04, 2014 08:07 PM|hans_v|LINK
In a shared hosting environment, the application pool will recycle frequently. When using (the default) SessionState Mode "InProc", Sessions are stored in Memory. When the application pool recycles, ALL sessions will be lost. So when you want to use Session,
you should use another SessionState Mode: