473,322 Members | 1,523 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

How to set session timeout

Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.
Nov 17 '05 #1
12 43134
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.

Nov 17 '05 #2
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.

Nov 17 '05 #3
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #4
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #5
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period of
inactivity should the user be taken back to the login page.

Session state just says how long to maintain session data for. If the
session timeout is shorter then the authentication timeout, the session data
will dissapear, but the user will still be authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #6
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period of
inactivity should the user be taken back to the login page.

Session state just says how long to maintain session data for. If the
session timeout is shorter then the authentication timeout, the session data
will dissapear, but the user will still be authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #7
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period ofinactivity should the user be taken back to the login page.
Session state just says how long to maintain session data for. If thesession timeout is shorter then the authentication timeout, the session datawill dissapear, but the user will still be authenticated, and thus not beasked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not

seem
>> to have any effect. Any explanation or suggestion
will be
>> appreciated.
>
>
>.
>

.

Nov 17 '05 #8
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period ofinactivity should the user be taken back to the login page.
Session state just says how long to maintain session data for. If thesession timeout is shorter then the authentication timeout, the session datawill dissapear, but the user will still be authenticated, and thus not beasked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not

seem
>> to have any effect. Any explanation or suggestion
will be
>> appreciated.
>
>
>.
>

.

Nov 17 '05 #9
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your user
is authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes meback to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not
seem
>> to have any effect. Any explanation or suggestionwill be
>> appreciated.
>
>
>.
>

.

.

Nov 17 '05 #10
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your user
is authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes meback to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not
seem
>> to have any effect. Any explanation or suggestionwill be
>> appreciated.
>
>
>.
>

.

.

Nov 17 '05 #11
Thanks.

-----Original Message-----
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your useris authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable andthe session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl.. .
I am using a form based login. It does not matter what value I set timeout to (e.g timeout="1", timeout="20", timeout="120", etc), the application always takes me

back
to the login form after approximately 20 minutes of not posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message >news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not seem
>> to have any effect. Any explanation or suggestion

will
be
>> appreciated.
>
>
>.
>
.

.

.

Nov 17 '05 #12
Thanks.

-----Original Message-----
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your useris authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable andthe session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl.. .
I am using a form based login. It does not matter what value I set timeout to (e.g timeout="1", timeout="20", timeout="120", etc), the application always takes me

back
to the login form after approximately 20 minutes of not posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message >news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not seem
>> to have any effect. Any explanation or suggestion

will
be
>> appreciated.
>
>
>.
>
.

.

.

Nov 17 '05 #13

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: DavidS | last post by:
First: There are several ways to confuse one regarding session timeout. (1) web.config - <sessionState timeout="20"> (2) IIS Manager | Internet Information Services | ServerNode | Default Web Site...
8
by: Joe Abou Jaoude | last post by:
hi, I have a web app with forms authentication and a timeout session of 20 mins for security reasons. I recently added a feature that allows users (if they want to) to automatically log in...
8
by: bdeviled | last post by:
I am deploying to a web environment that uses load balancing and to insure that sessions persist across servers, the environment uses SQL to manage sessions. The machine.config file determines how...
17
by: jensen bredal | last post by:
Hello, i'm struggling with a somehow badly understood session scenario. I provide acces to my pages based on form authentication using Session cookies. Som of my pages are supposed to be...
2
by: Aryan | last post by:
Hi, I have put my session related parameter in web.config under system.web, given below is the code for same. <system.web> <sessionState timeout ="1440" mode ="InProc" /> </system.web> this...
4
by: UJ | last post by:
I have a page where the user can upload a video file. As you can guess, this may take a while. Is there a way I can change the session timeout for just this one page? I would also want to change...
25
by: =?Utf-8?B?RGF2aWQgVGhpZWxlbg==?= | last post by:
I tried: <sessionState timeout="1"> </sessionState> bounced IIS, and after 1 minute still had a session. ??? -- thanks - dave
3
by: trullock | last post by:
Hi, I want to test some session timeout code ive written but im getting a few problems. I want to reduce the session timeout to 1min so i dont have to wait around for 20 min to see if my code...
9
by: antonyliu2002 | last post by:
By default, IIS is configured to timeout a session in 20 minutes, which can be changed through the IIS config window. I use InProc sessionState mode. I can also set the session timeout in...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.