Our application has one page that users may fill out over an hour or more. They may start to fill it out, get interrupted and then finish the form and submit it later in the day. Because of that, the application code sets the session timeout for that page only to 8 hours. I've tested this and it seems to work fine. For example, I entered some data on the page and waited 3 hours before submitting it. The data was submitted just fine and I was still logged in to the application.
However, some of our users (customers - so we don't get all the details), occasionally report getting logged out on this page. I've looked at our IIS 6.0 settings and Recycle Worker Processes is set to 1740 minutes (29 hours) while Idle Timeout is set to Shutdown Worker Processes after being idle for 20 minutes. During the day, it is extremely unlikely that no one is using the application for 20 minutes to cause that to run. As I mentioned above, I tested this last night when there probably wasn't anyone else on the site and my session stayed alive.
Here are my questions:
1. Even though my session timeout is set to 8 hours, can session memory get "used up" so that IIS or the application someone terminate those sessions prior to 8 hours?
2. If the recycle worker processes limit occurs in the middle of the day and a user is away from their computer for too long, would that terminate their session?
3. Instead of the 1740 minutes setting to recycle worker processes, would it be better to schedule this once per day at night when there is very little traffic?
Thanks in advance.