By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,347 Members | 2,120 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,347 IT Pros & Developers. It's quick & easy.

Forms timeout, Session timeout

P: n/a
I think I understand the difference between forms authentication
timeout and the sessionstate timeout. That said, they are giving me
headache.

I have a simple test application using Forms authentication.

In my web.config I have:

<authentication mode="Forms">
<forms loginUrl="Default.aspx" protection="All" timeout="2"
name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true"
defaultUrl="Default2.aspx" cookieless="UseDeviceProfile"
enableCrossAppRedirects="false"/>
</authentication>

and

<sessionState mode="InProc" timeout="2" cookieless="false">
</sessionState>

Note that I set both timeout values to only 2 minutes. In IIS config,
I set the session timeout to 2 minutes also.

I run this application, and login, let it idle for more than 2
minutes. I thought I am out, but when I click on something, I can
still get redirected to other pages of this application. I thought
that I should be redirected to the Login page. Shouldn't I?

I feel like I have no control over the session timeout at all. What's
going on? Any hint is highly appreciated.

Jun 27 '08 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.