Hi folks. I'm building a site in VB.NET using forms authenication as laid out in my .NET book for newbies. Everything seems to work fine except that my session times out prematurely - the site only needs to be inactive for a minute or two before it logs me out. I've got the timeout set to 60 minutes. My code is as follows:
web.config
--------------
<system.web>
<authentication mode="Forms">
<forms name=".CookieName" loginUrl="login.aspx" defaultUrl="~/default.aspx
" protection="All" timeout="60"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Then when I process the user login, I simply do the following in the code behind on the login page:
FormsAuthentication.Redire
ctFromLogi
nPage(strU
sername, False)
I've tried setting the above to "true", but it doesn't seem to make any difference. Anyway, as I understand it, setting it to "true" simply means that the cookie persists after the browser has been closed.
Other things I've looked into:
1. The web.config file is not being resaved by anti-virus software - I read somewhere that this often happens, but it's not happening here.
2. I added the following to web.config under <system.web> with no real idea why it would be different to the setting above: <sessionState mode="InProc" timeout="60" />
3. I added a global.asax file and added something to do with timeout on application_start, but it caused a .NET error (unfortunately I can't remember the code that I used and can't seem to reproduce it now).
Does anyone have any ideas? If you do, would you please give a detailed response as I really don't know what I'm doing.
Start Free Trial
