Last post Apr 09, 2019 02:53 AM by Ackerly Xu
Apr 08, 2019 03:20 PM|jason2widener|LINK
I am using asp.net forms authentication for our website. User is getting signed out in every 20 mins when they are not doing anything on website. I made change on App Pool in IIS and changed the Idle Time-Out to 60 mins. I also tried changing the webconfig.
I added timeout=120 in <authentication> tag and also added timeout=120 in sessionState tag. But none of these is working. Can someone please help me in increasing the signout time for the user. I want to make it as much as possible.
<sessionState mode="InProc" customProvider="DefaultSessionProvider" timeout="120">
<forms defaultUrl="Welcome" name=".ASPNETAUTH" loginUrl="~/Login/LoginView" timeout="120" slidingExpiration="true"></forms>
Apr 08, 2019 03:29 PM|mgebhard|LINK
Setting the timeouts as descried should work. Keep in mind the users must login again to get the updated auth cookie.
Apr 08, 2019 03:58 PM|jason2widener|LINK
I tired all these already but it is not working.
Apr 09, 2019 02:53 AM|Ackerly Xu|LINK
Please check your auth cookie's timeout to see whether it is right. Click the icon on the left of your address bar in chrome browser to see cookies
To prevent in-memory session is lost through application pool recycle, you could use out-of-process session or sql server database.
Also please ensure you don't have other logic which covers the default behavior of webform forms authentication.