Menu
I am looking for a solution where we can make a FormsAuthenticationTicket (and corresponding cookie) with a very long expiration period. This is possible by setting a high value or using a sliding expiration, but when the application pool of the website is recycled, the FormsAuthenticationTicket disappears (I think), the cookie gets invalid and the user is asked to login again.
Is there any way around this?
460
What is application pool recycling in IIS? Recycling means that the worker process that handles requests for that application pool is terminated and a new one is started. This is generally done to avoid unstable states that can lead to application crashes, hangs, or memory leaks.
As an aside you should schedule any application pool recycles to occur during off-peak hours, as you've realised it will clear any active sessions and will break the user experience if the application relies on session storage.
By default, an IIS application pool (or “AppPool”) recycles on a regular time interval of 1740 minutes, or 29 hours. One reason for this time interval is that application pools don't recycle at the same moment every day (every day at 07.00 for example).
Set static machineKeys instead of the auto generated. This way the FormsAuthenticationTicket will survive app pool recycling.
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
