i am new to asp.net..please help me to write code for setting session timeout and how to implement in all pages,i tried out using web config method,but not getting,i am nearing to deadline.
This is my code
From code:
Session.Timeout = 60; // this will set 60 min timout
From config:
<sessionState timeout="60" />
Using Web.config
<sessionState
timeout="number of minutes"............
Full reference HERE !
or
Using Forms authentication
<system.web>
<authentication mode="Forms">
<forms timeout="50"/>
</authentication>
<sessionState timeout="60" />
</system.web>
Related
my site (ASP.NET webForm ) log out with out user request , user forced to login page and interrupt his work ? please advice ...
this line from my web.config
<authentication mode="Forms">
<forms loginUrl="~/Account/XXXXXXX.aspx" timeout="2880" />
</authentication>
Try increasing the Session timeout value, by default this is 30 minutes.
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Account/XXXXXXX.aspx" timeout="2880"/>
</authentication>
<sessionState timeout="3000" />
</system.web>
I have read about a million posts online regarding session timeout in config file and I am near tears. I have the following code in my config file. I have set the timeout to 1 minute as a test. The session does indeed end within 1 minutee however, if I set to 120 (2 hours) which is what i want, the session end after the default time of 20 minutes i believe. Can anyone offer some help.
<?xml version="1.0"?>
<configuration>
<system.web>
<sessionState mode="InProc" cookieless="false" timeout="1" >
</sessionState>
<compilation debug="true"/>
<authentication mode="Forms">
<forms defaultUrl="~/Default.aspx"
loginUrl="~/Default.aspx"
name=".ASPXFORMSAUTH"
slidingExpiration="true"
timeout="1" />
</authentication>
<customErrors mode="Off" />
</system.web>
</configuration>
If an app pool is idle for 20 minutes it will recycle by default, see image below.
See this Microsoft post about changing the default.
UPDATE
If you do not have access to the IIS Application Pool Settings you can try the adding the following to your web.config however the recommended approach is via IIS
<configuration>
<system.web>
<sessionState mode="InProc" timeout="120" />
</system.web>
</configuration>
I wanted to make my login as the default page before the user accesses the home page. This is my code.
<system.webServer>
<defaultDocument>
<files>
<clear/>
<add value="Login.aspx"/>
</files>
</defaultDocument>
</system.webServer>
Thanks! :)
just Right click on that page and click on set as start up page.
What you need to do is first establish the authorization and authentication mechanism. You can use FormsAuthentication and configure the settings in a web.config file. For example, to enable forms authentication you would set the following value in the config file:
<authentication mode="Forms">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
defaultUrl="default.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false"
slidingExpiration="true"
cookieless="UseDeviceProfile" domain=""
enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1" />
</forms>
<passport redirectUrl="internal" />
</authentication>
Here you can see that loginUrl is set to login.aspx. This way, if a user is not authenticated, he or she will be redirected to login.aspx
This is much better approach than establishing your own logic for redirection to login or setting login.aspx as a start page.
I used this following code to set authenticate cookie :
System.Web.Security.FormsAuthentication.SetAuthCookie(Profile.Email, true);
my question is how I can increase life-time for this authentication cookie ?
The timeout is set primarily in the web.config file, you can do it in code but I wouldn't advise it.
These are the default settings, you can see the timeout value that's specified in minutes.
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
path="/"
requireSSL="false"
slidingExpiration="true"
defaultUrl="default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false" />
</authentication>
</system.web>
This is how to set that time up. (For instance, for two weeks expiration).
var cookie = FormsAuthentication.GetAuthCookie("user-name", false);
cookie.Expires = DateTime.UtcNow.AddDays(14);
Response.Cookies.Add(cookie);
I am trying to set the timeout parameter of session state but it doesnt time out.
<sessionState mode="InProc" timeout="1"></sessionState>
I am refreshing the page after 1 minute and I still the session state value.
Why?
Use this way (if in case you are using FA as well)
<system.web>
<authentication mode="Forms">
<forms timeout="1"/>
</authentication>
<sessionState timeout="1" />
</system.web>
<system.web>
<authentication mode="Forms">
<forms timeout="1"/>
</authentication>
<sessionState timeout="1" />
</system.web>
you welcome
The MSDN says it shouldn't be lower then 4 minutes. Refer to the following it might help:
http://justgeeks.blogspot.com/2008/07/aspnet-session-timeouts.html