Session object timout

Hi

I have an application that is designed for multi clients, therefore
users must go through a login page. Upon logging in I set some
properties in a class, one of which is the user id (integer) retrieved
from the SQL db and also the company id that successfully logged in.
I then add this this class to a session object which I named
"CurrentUserInfo".

Since the app relies on retrieving only information for the company of
which the user belongs, I added a small check on the Page_Load of each
web form to make sure that the session id of the user not zero (has to
be - it's a identity from table). If the check fails then I redirect
the user back to the login page so the have to login again, thus
recreating the session object which holds the class I mentioned above.

Since several of our clinets like to use this app like a windows app,
or rather the log in and then leave thier browser open while they talk
on the phone, go to lunch et.. they complained that it was inconvient
that they had to always relog in. So in the web.config I upped the
sessionstate "Timeout" value to 180 (3 hours).

However, I'm still getting complaints that they are getting bumped
back to the login page. I tested this myself by loggin in and leaving
my browser window open, and sure enough I get bumped after 20-30 min.
It varies, but certainly not 3 hours.

Does anyone have any ideas on why my session object is timing out?

TIA

Steve

Hello Steve,

Aside from the fact that I kind of like an application timing out for
security reasons, I'll try to respond to your question :) You are not
specifying your OS and IIS level, but the phenomenon may be caused by the
default "Idle Timeout" setting of the Application Pool that your ASP.NET
app is running in. The Application pool was introduced in Windows 2003
with IIS 6.0, to better manage your ASP.NET application amongst others for
stability purposes. You can find and change this setting by doing the
following:
- Open IIS Manager
- Expand the "Application Pools" node
- Expand the "DefaultAppPool" (you should see your ASP.NET application in
the list, otherwise try to find it in a different pool)
- Right-Click on the "DefaultAppPool" and click "Properties"
- Navigate to the "Performance Tab"
- Change the "Idle Timeout" to the desired value.

Good luck,
Dennis

Hi

I have an application that is designed for multi clients, therefore
users must go through a login page. Upon logging in I set some
properties in a class, one of which is the user id (integer) retrieved
from the SQL db and also the company id that successfully logged in.
I then add this this class to a session object which I named
"CurrentUserInfo".

Since the app relies on retrieving only information for the company of
which the user belongs, I added a small check on the Page_Load of each
web form to make sure that the session id of the user not zero (has to
be - it's a identity from table). If the check fails then I redirect
the user back to the login page so the have to login again, thus
recreating the session object which holds the class I mentioned above.

Since several of our clinets like to use this app like a windows app,
or rather the log in and then leave thier browser open while they talk
on the phone, go to lunch et.. they complained that it was inconvient
that they had to always relog in. So in the web.config I upped the
sessionstate "Timeout" value to 180 (3 hours).

However, I'm still getting complaints that they are getting bumped
back to the login page. I tested this myself by loggin in and leaving
my browser window open, and sure enough I get bumped after 20-30 min.
It varies, but certainly not 3 hours.

Does anyone have any ideas on why my session object is timing out?

TIA

Steve