I have an ASP.NET MVC 4 web application. Running locally, it works fine, but on the web host (which uses shared hosting), the logged on user is frequently logged out by being redirected back to the home page. In most cases, the user is logged out after performing only a few actions.
The web host suggested that my application could be using up too much memory but I used a program to profile the memory usage and I confirmed that it wasn't using excessive amounts of memory - in fact the application seems to use a fraction of the allocated memory on the web host.
Here is the logon method that is used:
public static Boolean Login(string Username, string Password, bool persistCookie = false)
{
bool success = Membership.ValidateUser(Username, Password);
if (success)
{
FormsAuthentication.SetAuthCookie(Username, persistCookie);
}
return success;
}
In my web host, the forms authentication timeout is set to 60 minutes, so that shouldn't be an issue, right?
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="60" />
</authentication>
and my session state timeout value is also set to 60 minutes:
<sessionState mode="InProc" customProvider="DefaultSessionProvider" timeout="60">
Based on the answer here, I added this line also, which didn't seem to solve the issue:
<machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps"></machineKey>
Any ideas to what the problem might be and what I can do to solve the problem?
Open the web. config file, then increase the value in minutes by using the time out attribute of SessionState element. By default, the session timeout value is 20 minutes. Also in your case if you are using forms authentication, please check the timeout value.
In web applications, session holds the information of current logged-in users. So, if the session expires in 20 minutes, then it is redirected to login page. In that case, we need to check if session exists (not null) in every action/ every controller which requires authentication.
Your sessions are not timing out. The IIS is crashing. Since you are using in memory sessions, every time IIS crashes, your sessions are gone and the user gets logged out. You should check the server's event views and look into details of errors to find out what the error is.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With