how to increase session timeout in asp.net?

C

6

23

I tried following codes to increase session timeout, but no use,

code is:

<sessionState mode="InProc" cookieless="true" timeout="60">
</sessionState>

Also code at

void Session_Start(object sender, EventArgs e)
{
// Code that runs when a new session is started
Session.Timeout = 15;
}

Claxton answered 24/2, 2014 at 13:14 Comment(2)

This should work. How are you checking that your session is timing out? – Epicedium 24/2, 2014 at 14:31

take a loot at this question https://mcmap.net/q/585099/-increasing-session-timeout – Pissarro 24/2, 2014 at 14:55

F

36

You can increase the session time-out in asp.net in any one of the following ways

Using IIS Version 7 :

Open up IIS
Select your website from the list of sites
Click on Session state on the right
Now enter your session timeout under the cookie settings

OR

Web.config : Open up your web.config file and under the system.web section add the following :

<sessionState timeout = "20" mode = "InProc" />

Replace 20 with whatever number you wish.

OR

Global.asax file : Under the Session_Start method, set the timeout property of the session to the required value like this

Session.Timeout = "20";

Note : If you are setting a session timeout in both IIS as well as web.config, then the one in IIS will override the one in web.config

Hope this helps!

Fantail answered 24/2, 2014 at 14:49 Comment(9)

You forgot to close the sessionState tag in your example. You should write: <sessionState timeout = "20" mode = "InProc" /> – Laritalariviere 27/1, 2015 at 17:27

Hey thanks for informing me on that, will update my answer with it ! much appreciated! – Fantail 28/1, 2015 at 7:32

Actually, under IIS 7, setting the session one place sets it in the other. So if you set it in IIS, it will update the Web.config automatically, and vice versa. – Couvade 10/2, 2015 at 23:18

How can we do this in code (for example if there is a "Remember me" checkbox on login)? – Burcham 7/6, 2016 at 0:18

20 is for minutes, hours or days? – Lackluster 11/6, 2016 at 13:22

@MuhammadAwais - its minutes. – Fantail 15/6, 2016 at 10:48

@Burcham - This link should be helpful --> forums.asp.net/t/… – Fantail 15/6, 2016 at 11:2

If you define in web.config: <sessionState timeout = "20" mode = "InProc" /> – Disassociate 31/1, 2018 at 17:26

If you define in web.config: <sessionState timeout = "20" /> is redundant write again in code: Session.Timeout = 20 Additionally for me (I needed 60 mins session duration), was necessary setup App Pool. Go to IIS admin, then App Pool, then Advanced settings, then into Process Model, set "Idle time-out (minutes)" to 60. If your website use authentication, cookie authentication expiration must be configured at least with double duration of session, if you update expiration in each request, take care of set Secure property according to setting in FormsAuthentication.RequireSSL. – Disassociate 31/1, 2018 at 17:33

L

3

If you are using forms authentication then the default value of session timeout is 30min.Try this code to increase session timeout.

<system.web>
  <authentication mode="Forms">
      <forms timeout="70"/>
  </authentication>
  <sessionstate timeout="80"/>
</system.web>

I think the code help you.

Longcloth answered 24/2, 2014 at 15:6 Comment(2)

Hi, Can you tell me the difference between the two timeout values? i.e. Forms timeout & Sessionstate timeout – Mauser 19/11, 2014 at 6:0

@NitinSawant - here is an existing answer on stackoverflow to your query --- #17813494 – Fantail 28/1, 2015 at 7:35

G

2

simply,go WebConfig,then set it,

        <system.web>
    <sessionState timeout="60"></sessionState>
  <compilation debug="true" targetFramework="4.0" />
</system.web>

Gaddi answered 24/10, 2017 at 10:43 Comment(0)

U

1

<system.web>
  <authentication mode="Forms">
      <forms timeout="70"/>
  </authentication>
  <sessionState timeout="80"/>
</system.web>

It works for me, copy it to your web.config file.

Upsilon answered 20/6, 2015 at 9:45 Comment(0)

B

0

I wanted to add my final solution. After reading that setting it in the config was "incorrect".

            if (model.RememberMe)
            {
                var ASPCookie = Request.Cookies["ASP.NET_SessionId"];
                ASPCookie.Expires = DateTime.Now.AddDays(15);
                Response.SetCookie(ASPCookie);
            }

Burcham answered 15/6, 2016 at 11:58 Comment(0)

Y

0

 <sessionState cookieless="false" timeout="30" mode="InProc"/>
  <authentication mode="Forms">
      <forms name="AppRootForms" loginUrl="LoginPage.aspx" protection="All" timeout="30" path="/" slidingExpiration="true"/>
    </authentication>
<system.webServer>
     <!--<max limit for storing session />-->
    <asp>
         <session allowSessionState="true" max="100000" timeout="00:30:00" />
    </asp>
</system.webServer>

Yokel answered 12/4, 2018 at 12:19 Comment(0)

Recommended topics

Hot tags