Ed
asked on
Keeping Users Logged in asp.net(vb)
Whats the best way to keep users session active if they are using the application.
Eg
My app redirects users back to the login page if the user session is dropped. Tis us usually no browser activity after 20 mins. The problem is that some users spend time typing a lot of text into textboxes and when they go to submit they get logged out because they have lost their session.
Eg
My app redirects users back to the login page if the user session is dropped. Tis us usually no browser activity after 20 mins. The problem is that some users spend time typing a lot of text into textboxes and when they go to submit they get logged out because they have lost their session.
The items you need to worry about are the session timeout in the web.config and the application pool timeout as established at the IIS site level.
1. Modify or set the session timeout in the web.config. What Russ Suter says above may work in place of the web.config session timeout setting. Not sure myself.
2. Run the IIS configuration manager on the IIS server and open the application pool settings. There is a timeout value for the application pool. Make sure it matches what you have in the web.config.
I've successfully set a production site to 30 minutes in this fashion in my environment.
1. Modify or set the session timeout in the web.config. What Russ Suter says above may work in place of the web.config session timeout setting. Not sure myself.
2. Run the IIS configuration manager on the IIS server and open the application pool settings. There is a timeout value for the application pool. Make sure it matches what you have in the web.config.
I've successfully set a production site to 30 minutes in this fashion in my environment.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
good solution
Open in new window
The timeout attribute specifies the number of minutes an authentication session remains active. Be aware, however that this does greatly reduce website security.