422,946 Members | 1,131 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 422,946 IT Pros & Developers. It's quick & easy.

How to set session timeout

P: n/a
Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.
Nov 17 '05 #1
Share this Question
Share on Google+
12 Replies


P: n/a
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.

Nov 17 '05 #2

P: n/a
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem
to have any effect. Any explanation or suggestion will be
appreciated.

Nov 17 '05 #3

P: n/a
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #4

P: n/a
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #5

P: n/a
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period of
inactivity should the user be taken back to the login page.

Session state just says how long to maintain session data for. If the
session timeout is shorter then the authentication timeout, the session data
will dissapear, but the user will still be authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #6

P: n/a
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period of
inactivity should the user be taken back to the login page.

Session state just says how long to maintain session data for. If the
session timeout is shorter then the authentication timeout, the session data
will dissapear, but the user will still be authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back
to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
-----Original Message-----
That would be the way to do it.

What makes you think that it is not working?

"Geigho" <ig******@zeonchemicals.com> wrote in message
news:0a****************************@phx.gbl...
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.

.

Nov 17 '05 #7

P: n/a
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period ofinactivity should the user be taken back to the login page.
Session state just says how long to maintain session data for. If thesession timeout is shorter then the authentication timeout, the session datawill dissapear, but the user will still be authenticated, and thus not beasked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not

seem
>> to have any effect. Any explanation or suggestion
will be
>> appreciated.
>
>
>.
>

.

Nov 17 '05 #8

P: n/a
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long after a period ofinactivity should the user be taken back to the login page.
Session state just says how long to maintain session data for. If thesession timeout is shorter then the authentication timeout, the session datawill dissapear, but the user will still be authenticated, and thus not beasked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes me back to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />
>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not

seem
>> to have any effect. Any explanation or suggestion
will be
>> appreciated.
>
>
>.
>

.

Nov 17 '05 #9

P: n/a
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your user
is authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes meback to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not
seem
>> to have any effect. Any explanation or suggestionwill be
>> appreciated.
>
>
>.
>

.

.

Nov 17 '05 #10

P: n/a
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your user
is authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable and
the session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl...
I am using a form based login. It does not matter what
value I set timeout to (e.g timeout="1", timeout="20",
timeout="120", etc), the application always takes meback to the login form after approximately 20 minutes of not
posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message
>news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not
seem
>> to have any effect. Any explanation or suggestionwill be
>> appreciated.
>
>
>.
>

.

.

Nov 17 '05 #11

P: n/a
Thanks.

-----Original Message-----
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your useris authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable andthe session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl.. .
I am using a form based login. It does not matter what value I set timeout to (e.g timeout="1", timeout="20", timeout="120", etc), the application always takes me

back
to the login form after approximately 20 minutes of not posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message >news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not seem
>> to have any effect. Any explanation or suggestion

will
be
>> appreciated.
>
>
>.
>
.

.

.

Nov 17 '05 #12

P: n/a
Thanks.

-----Original Message-----
You set this value in the constructor for the
FormsAuthenticationTicket as shown below. After your useris authenticated, try something like the following:

FormsAuthenticationTicket tkt;
string CookieStr;
HttpCookie ck;

// Create new Auth Ticket. Last argument authentication
timeout expressed in seconds.

SessionTimeout = 30; //Timeout in minutes

tkt = new FormsAuthenticationTicket(txtUserName.Text,
false, SessionTimeout * 60);

// Encrypt ticket
CookieStr = FormsAuthentication.Encrypt(tkt);

// Create the cookie
ck = new HttpCookie(FormsAuthentication.FormsCookieName,
CookieStr);

//Add cookie to HTTP header
Response.Cookies.Add(ck);

// Redirect to the main page
Response.Redirect("Default.htm", true);

HTH.

J. Ptak
-----Original Message-----
Thanks! But how do you set forms authentication timeout?
If I saved authentication flag in a session variable andthe session timed out, is the variable still available?
If not, then won't this cause the login page to be
redisplay since the authentication code (logic) cannot
read the value set in the session variable?
-----Original Message-----
forms authentication and session state are not related.

youre forms authentication timeout specifies how long

after a period of
inactivity should the user be taken back to the login

page.

Session state just says how long to maintain session

data for. If the
session timeout is shorter then the authentication

timeout, the session data
will dissapear, but the user will still be

authenticated, and thus not be
asked to relog in.

"geigho" <ig******@zeonchemicals.com> wrote in message
news:02****************************@phx.gbl.. .
I am using a form based login. It does not matter what value I set timeout to (e.g timeout="1", timeout="20", timeout="120", etc), the application always takes me

back
to the login form after approximately 20 minutes of not posting the page back to the server.

<sessionState mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user
id=sa;password=" cookieless="true" timeout="1" />

>-----Original Message-----
>That would be the way to do it.
>
>What makes you think that it is not working?
>
>"Geigho" <ig******@zeonchemicals.com> wrote in message >news:0a****************************@phx.gbl...
>> Setting session timeout in web.config file does not seem
>> to have any effect. Any explanation or suggestion

will
be
>> appreciated.
>
>
>.
>
.

.

.

Nov 17 '05 #13

This discussion thread is closed

Replies have been disabled for this discussion.