ASP.NET MVC membership - user being logged out frequently - don't know why

Question

I have an ASP.NET MVC 4 web application. Running locally, it works fine, but on the web host (which uses shared hosting), the logged on user is frequently logged out by being redirected back to the home page. In most cases, the user is logged out after performing only a few actions.

The web host suggested that my application could be using up too much memory but I used a program to profile the memory usage and I confirmed that it wasn't using excessive amounts of memory - in fact the application seems to use a fraction of the allocated memory on the web host.

Here is the logon method that is used:

    public static Boolean Login(string Username, string Password, bool persistCookie  = false)
    {

        bool success = Membership.ValidateUser(Username, Password);
        if (success)
        {
            FormsAuthentication.SetAuthCookie(Username, persistCookie);
        }
        return success;
    }

In my web host, the forms authentication timeout is set to 60 minutes, so that shouldn't be an issue, right?

<authentication mode="Forms">
  <forms loginUrl="~/Account/Login" timeout="60" />
</authentication>

and my session state timeout value is also set to 60 minutes:

<sessionState mode="InProc" customProvider="DefaultSessionProvider" timeout="60">

Based on the answer here, I added this line also, which didn't seem to solve the issue:

<machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps"></machineKey>

Any ideas to what the problem might be and what I can do to solve the problem?

Answer 1

Your sessions are not timing out. The IIS is crashing. Since you are using in memory sessions, every time IIS crashes, your sessions are gone and the user gets logged out. You should check the server's event views and look into details of errors to find out what the error is.