Forms and Session timeout

I

Iain

I've got a asp.net (2.0) application which uses forms authentication.

My problem is that every so often the Session expires though the forms
Session does not. WHich causes a crash.

What I *want* to happen is that the login is valid for (say) 20 mins without
any user activity (how does the forms stuff know this?). At that if the user
performs any action on the site, they should be redirected to the login page
and the session will be lost.

The session will also be lost (for memory reasons) 25 mins after the last
login.

I've read that you can use Session_Start to reconstitute the session, but
unfortunately some of the session values depend on choices made immediately
after logon and I don't particularly want to persist these.

What is the 'best practice' for managing timeouts in this context?

Iain
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,995
Messages
2,570,225
Members
46,815
Latest member
treekmostly22

Latest Threads

Top