We have an asp.net application based on Asp.NET 3.5. This application is an internal application and has about 600 users in our company. Is it reasonable to set 9 hours session timeout for asp.net application? We also need to set its application pool idle
time as 9 hours to make the session timeout 9 hours work. How to consider the tradeoff for the application pool, IIS working thread, server memory if we set session timeout as 8 hours? Any hyperlinks / articles talking about this topic? Thanks!
This article just talks about how to avoiding using Session. But in our application, Session iss used at hundreds of places, and we cannot change them now. Any other ideas? Thanks!
Hundreds? Usually you try to use session as less than possible. You could also configure a SQL Server provider so that it goes in a db instead.
So a user is allowed to stay away from the site up to 8 hours and still the session is up and running? I would say that one hour seems already a maximum to me...
Member
3 Points
63 Posts
Is it reasonable to set 8 hours session timeout for asp.net application?
Nov 26, 2014 05:48 PM|whuili_2006|LINK
We have an asp.net application based on Asp.NET 3.5. This application is an internal application and has about 600 users in our company. Is it reasonable to set 9 hours session timeout for asp.net application? We also need to set its application pool idle time as 9 hours to make the session timeout 9 hours work. How to consider the tradeoff for the application pool, IIS working thread, server memory if we set session timeout as 8 hours? Any hyperlinks / articles talking about this topic? Thanks!
All-Star
20376 Points
6505 Posts
ASPInsiders
MVP
Re: Is it reasonable to set 8 hours session timeout for asp.net application?
Nov 26, 2014 07:43 PM|BrockAllen|LINK
For consideration:
http://brockallen.com/2012/04/07/think-twice-about-using-session-state/
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
Member
3 Points
63 Posts
Re: Is it reasonable to set 8 hours session timeout for asp.net application?
Dec 01, 2014 01:16 PM|whuili_2006|LINK
This article just talks about how to avoiding using Session. But in our application, Session iss used at hundreds of places, and we cannot change them now. Any other ideas? Thanks!
All-Star
42400 Points
14510 Posts
Re: Is it reasonable to set 8 hours session timeout for asp.net application?
Dec 01, 2014 01:40 PM|PatriceSc|LINK
Hi,
Hundreds? Usually you try to use session as less than possible. You could also configure a SQL Server provider so that it goes in a db instead.
So a user is allowed to stay away from the site up to 8 hours and still the session is up and running? I would say that one hour seems already a maximum to me...
What is the problem you are trying to solve?