Session expiration

The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...

where do you suggest to set this at?
I've heard in the web.config file:
<sessionState mode="InProc" timeout="60">
but I can't seem to get that to work?
What about the global.asax file?
I thought that page by page is over kill?

thanx.

"Ken Cox [Microsoft MVP]" wrote:
In code, it is Session.Timeout

http://msdn.microsoft.com/library/de..._sesoptime.asp

"Vishal" <an*******@disc ussions.microso ft.com> wrote in message
news:14******** *************** *****@phx.gbl.. .
> Hello,
>
> can anybody tell me how I can extend the session
> expiry time? Is it done via code or via IIS? Sorry I am
> new and dont know about this.
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #4

MattC

And it only executes when using InProc mode.
"Juan T. Llibre" <no***********@ nowhere.com> wrote in message
news:ep******** ******@TK2MSFTN GP15.phx.gbl...

The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...
where do you suggest to set this at?
I've heard in the web.config file:
<sessionState mode="InProc" timeout="60">
but I can't seem to get that to work?
What about the global.asax file?
I thought that page by page is over kill?

thanx.

"Ken Cox [Microsoft MVP]" wrote:
In code, it is Session.Timeout

http://msdn.microsoft.com/library/de..._sesoptime.asp

"Vishal" <an*******@disc ussions.microso ft.com> wrote in message
news:14******** *************** *****@phx.gbl.. .
> Hello,
>
> can anybody tell me how I can extend the session
> expiry time? Is it done via code or via IIS? Sorry I am
> new and dont know about this.
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #5

re:

And it only executes when using InProc mode.
Absolutely.

Sometimes, since 99% of developers use Inproc,
we tend to ignore the more complicated scenarios.

Thanks for pointing that out.

We also need to remember that for Session_OnEnd to fire,
the session state has to exist first, meaning that you have to
have stored some data in the session state and must have
completed at least one request for the session data.

If at least one session data item has not been stored and
requested at least once, Session_OnEnd won't fire, either.

Juan T. Llibre
ASP.NET MVP
===========
"MattC" <m@m.com> wrote in message
news:u4******** ******@TK2MSFTN GP14.phx.gbl... And it only executes when using InProc mode.
"Juan T. Llibre" <no***********@ nowhere.com> wrote in message
news:ep******** ******@TK2MSFTN GP15.phx.gbl...
The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.
Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...
where do you suggest to set this at?
I've heard in the web.config file:
<sessionState mode="InProc" timeout="60">
but I can't seem to get that to work?
What about the global.asax file?
I thought that page by page is over kill?

thanx.

"Ken Cox [Microsoft MVP]" wrote:

In code, it is Session.Timeout

http://msdn.microsoft.com/library/de..._sesoptime.asp

"Vishal" <an*******@disc ussions.microso ft.com> wrote in message
news:14******** *************** *****@phx.gbl.. .
> Hello,
>
> can anybody tell me how I can extend the session
> expiry time? Is it done via code or via IIS? Sorry I am
> new and dont know about this.
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #6

Chris

The question still is, say if you do want to chnage it from the default value
of 20 minutes, where is it best change it at?

"Juan T. Llibre" wrote:

The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...
where do you suggest to set this at?
I've heard in the web.config file:
<sessionState mode="InProc" timeout="60">
but I can't seem to get that to work?
What about the global.asax file?
I thought that page by page is over kill?

thanx.

"Ken Cox [Microsoft MVP]" wrote:
In code, it is Session.Timeout

http://msdn.microsoft.com/library/de..._sesoptime.asp

"Vishal" <an*******@disc ussions.microso ft.com> wrote in message
news:14******** *************** *****@phx.gbl.. .
> Hello,
>
> can anybody tell me how I can extend the session
> expiry time? Is it done via code or via IIS? Sorry I am
> new and dont know about this.
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #7

That would depend on whether you want the
new value to be a globally applied value,
or whether you only want the session time
extended for users who access specific pages.

If you want the value applied globally, set it in web.config.

If you want the session to be longer only for users
who access specific pages which might take longer
to process, change it in code on those pages.

I'd only set the Session.Timeout to a longer value
in code in specific pages which take longer to process
( like long forms which the user has to fill in ).

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:C8******** *************** ***********@mic rosoft.com...

The question still is, say if you do want to chnage it from
the default value of 20 minutes, where is it best change it at?

"Juan T. Llibre" wrote:
The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...
> where do you suggest to set this at?
> I've heard in the web.config file:
> <sessionState mode="InProc" timeout="60">
> but I can't seem to get that to work?
> What about the global.asax file?
> I thought that page by page is over kill?
>
> thanx.
>
> "Ken Cox [Microsoft MVP]" wrote:
>
>> In code, it is Session.Timeout
>>
>> http://msdn.microsoft.com/library/de..._sesoptime.asp
>>
>> "Vishal" <an*******@disc ussions.microso ft.com> wrote in message
>> news:14******** *************** *****@phx.gbl.. .
>> > Hello,
>> >
>> > can anybody tell me how I can extend the session
>> > expiry time? Is it done via code or via IIS? Sorry I am
>> > new and dont know about this.
>> >
>> >
>>
>>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #8

Chris

so this statement should be correct, see prevoius thread:

<sessionState mode="InProc" timeout="60">
"Juan T. Llibre" wrote:

That would depend on whether you want the
new value to be a globally applied value,
or whether you only want the session time
extended for users who access specific pages.

If you want the value applied globally, set it in web.config.

If you want the session to be longer only for users
who access specific pages which might take longer
to process, change it in code on those pages.

I'd only set the Session.Timeout to a longer value
in code in specific pages which take longer to process
( like long forms which the user has to fill in ).

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:C8******** *************** ***********@mic rosoft.com...
The question still is, say if you do want to chnage it from
the default value of 20 minutes, where is it best change it at?

"Juan T. Llibre" wrote:
The default value is a good figure : 20 minutes.

If you don't plan for your users to stay at any one
page without browsing to other pages for that
long, you could set it at 15 or even 10 minutes.

Setting it to a higher figure will only waste resources
if your users never stay at one page for as long a time
as you set in Session.Timeout .

Remember, Session_OnEnd only executes after
the number of minutes specified in Session.Timeout
has elapsed *without* the user having requested a page.

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:9B******** *************** ***********@mic rosoft.com...
> where do you suggest to set this at?
> I've heard in the web.config file:
> <sessionState mode="InProc" timeout="60">
> but I can't seem to get that to work?
> What about the global.asax file?
> I thought that page by page is over kill?
>
> thanx.
>
> "Ken Cox [Microsoft MVP]" wrote:
>
>> In code, it is Session.Timeout
>>
>> http://msdn.microsoft.com/library/de..._sesoptime.asp
>>
>> "Vishal" <an*******@disc ussions.microso ft.com> wrote in message
>> news:14******** *************** *****@phx.gbl.. .
>> > Hello,
>> >
>> > can anybody tell me how I can extend the session
>> > expiry time? Is it done via code or via IIS? Sorry I am
>> > new and dont know about this.
>> >
>> >
>>
>>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004

Nov 19 '05 #9

set session cookie expiration date

Like I said before, globally setting the session timeout
to 60 minutes will cause higher resource consumption
( more ram consumption, for example ) than if you only
set the session.timeout to 60 minutes for those users
who have to stay a long time at specific pages.

Naturally, if *all* users have to go through a page which
takes an unusually long time to process, then setting the
session.timeout to a longer time makes sense, but if only
a subset of yours users need to spend that much time at
a single page ( without being able to request at least one
other page ), then setting the session.timeout to a larger
value will result in a waste of server resources.

The longer the session.timeout value,
the more resources are consumed by the server.

This becomes quite critical at servers which have a
large number of concurrent users within the time period
specified in web.config.

To give you an idea, if you have 100,000 user sessions
within one hour ( and you set session.timeout to 60 minutes )
and you store 10kb per user in the session object,
you will need 1GB RAM just to store session data.

If you store 100kb per user in the session object,
you'd need 10GB RAM, just to store session data.

If your site is a low-traffic site, then you can safely set
the session.timeout to 60 minutes, because it probably
won't matter ( unless you store 100MB per user in the
session object, heh, heh... )

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:D5******** *************** ***********@mic rosoft.com...

so this statement should be correct, see prevoius thread:

<sessionState mode="InProc" timeout="60">
"Juan T. Llibre" wrote:
That would depend on whether you want the
new value to be a globally applied value,
or whether you only want the session time
extended for users who access specific pages.

If you want the value applied globally, set it in web.config.

If you want the session to be longer only for users
who access specific pages which might take longer
to process, change it in code on those pages.

I'd only set the Session.Timeout to a longer value
in code in specific pages which take longer to process
( like long forms which the user has to fill in ).

Juan T. Llibre
ASP.NET MVP
===========
"Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
news:C8******** *************** ***********@mic rosoft.com...
> The question still is, say if you do want to chnage it from
> the default value of 20 minutes, where is it best change it at?
>
> "Juan T. Llibre" wrote:
>
>> The default value is a good figure : 20 minutes.
>>
>> If you don't plan for your users to stay at any one
>> page without browsing to other pages for that
>> long, you could set it at 15 or even 10 minutes.
>>
>> Setting it to a higher figure will only waste resources
>> if your users never stay at one page for as long a time
>> as you set in Session.Timeout .
>>
>> Remember, Session_OnEnd only executes after
>> the number of minutes specified in Session.Timeout
>> has elapsed *without* the user having requested a page.
>>
>>
>>
>>
>> Juan T. Llibre
>> ASP.NET MVP
>> ===========
>> "Chris" <Ch***@discussi ons.microsoft.c om> wrote in message
>> news:9B******** *************** ***********@mic rosoft.com...
>> > where do you suggest to set this at?
>> > I've heard in the web.config file:
>> > <sessionState mode="InProc" timeout="60">
>> > but I can't seem to get that to work?
>> > What about the global.asax file?
>> > I thought that page by page is over kill?
>> >
>> > thanx.
>> >
>> > "Ken Cox [Microsoft MVP]" wrote:
>> >
>> >> In code, it is Session.Timeout
>> >>
>> >> http://msdn.microsoft.com/library/de..._sesoptime.asp
>> >>
>> >> "Vishal" <an*******@disc ussions.microso ft.com> wrote in message
>> >> news:14******** *************** *****@phx.gbl.. .
>> >> > Hello,
>> >> >
>> >> > can anybody tell me how I can extend the session
>> >> > expiry time? Is it done via code or via IIS? Sorry I am
>> >> > new and dont know about this.
>> >> >
>> >> >
>> >>
>> >>
>>
>>
>> ---
>> Outgoing mail is certified Virus Free.
>> Checked by AVG anti-virus system (http://www.grisoft.com).
>> Version: 6.0.794 / Virus Database: 538 - Release Date: 10/11/2004
>>
>>
>>

Nov 19 '05 #10

Similar topics

4515

by: Christophe Lance | last post by:

Hello, I use PHP session cookie to store an id number. I know how to set a cookie expiration date using the setcookie function, but how to set an expiration date when the cookie is created by the session_start function ? I know the cookie expires after the session ends, but when I look at my HTTP headers, the cookie's expiration date created by the session is set to 19

session timeout suggestions wanted

2807

by: Craig Storey | last post by:

I have a form where users logged in using sessions can edit articles in a WYSIWYG editor. Some of them take their time and don't like to save their work very often and occassionally the sessions expire and their work goes poof. (I've suggested editing off-line and simply copy+paste but they prefer the editor.) After a lot of searching I've found the main culprit is session.gc_maxlifetime and I can set it longet like... ...

REPLACE SESSION IN CURRENT CONTEXT!

2024

by: Igor | last post by:

Is it possible to point current context's session to another active session based on a SessionID?

Security issue / Session variable expiration?

2742

by: VB Programmer | last post by:

I know you can make cookies expire, but how about session variables? I'm basically using session for security, etc... One variable is session("LoggedOn"). If a page sits idle for 30 minuts I want to make them log back in order to see another page (ie turn "LoggedOn" = false). Any ideas or suggestions? Thanks!

366

Session Variables

by: ChrisN | last post by:

Hi there, Two questions related to each other. 1. Session variables expire by defualt when not used for 20 minutes. Does "used" mean that a user has not access any session varibles in 20 minutes or that no pages activity has taken place in that time regardless of wether or not a session variable has been accessed? 2. When a user logges in I store the user's ID in a session variable. This

Strange session timeout problem(urgent help needed).

5215

by: jensen bredal | last post by:

Hello, i'm struggling with a somehow badly understood session scenario. I provide acces to my pages based on form authentication using Session cookies. Som of my pages are supposed to be running continuously and refreshing once an hour. I there set timeout= 61 in <sessionState section and on my page it says <meta http-equiv="refresh" content="3600">. I also set timeout=120 in the <forms section of web.config to make sure

caching: Session state or Application state...

1761

by: spacehopper_man | last post by:

I'm considering ditching all use of Session state in favour of Application state. This is because - from what I can work out - it will be more memory efficient for me. I have three questions: 1) When is memory used for Session State freed (or essentially freed)? - if ever...

How to allow a webbrowser to restart a session after it has expired?

4983

by: Riaan | last post by:

Hi guys! I have an issue that needs urgent resolution. Imagine this scenario: You have: 1 production server running Windows Server 2003, IIS6 and an instance of MSDE 2000. There is an asp.net app (written in C#) running which has the only purpose of rendering a page with a "Next" button on it and some status info. When the user clicks the next button, an event is written to the

9949

Kill And ASP.NET Session

by: Goofy | last post by:

Does anyone know how I can kill a session by session ID ? -- Goofy

CAPTCHA (verification code) and session

4805

by: sb5309 | last post by:

When one uses CAPTCHA (form with verification code), a session is required to keep the session data. In examples that I have seen on the net, I did not see a session is closed after use. Imagine a case when someone gets to a form with CAPTCHA, a session will be started in the server; and then the person decides to jump to another site without filling the form. The session data still exists in the server. If this scenario gets repeated...

Changing the language in Windows 10

9386

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

9998

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

8822

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

6642

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5270

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

5406

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

3917

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

3523

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.