Menu
My MVC 5 site has web.config like this:
<authentication mode="Forms"> <forms name=".ADAuthCookie" loginUrl="~/Account/Login" timeout="2880" slidingExpiration="true" protection="All" /> </authentication> but timeout doesn't work. It doesn't matter what value I give here, it always expires after 20-30 mins. How can I maintain users logged in for longer period or until they sign-out?
Is there any way I can achieve this using "In-Proc" only? Or I am missing something here?
315
The default is 20 minutes.
Open the web. config file, then increase the value in minutes by using the time out attribute of SessionState element. By default, the session timeout value is 20 minutes. Also in your case if you are using forms authentication, please check the timeout value.
In web applications, session holds the information of current logged-in users. So, if the session expires in 20 minutes, then it is redirected to login page. In that case, we need to check if session exists (not null) in every action/ every controller which requires authentication.
The default is 10 minutes. Session. Timeout has no hard-coded limit. Most Web administrators set this property to 8 minutes.
You are dealing with two separate issues, auth timeout and session timeout. Session timeout is controlled by the following key in web.config...
<system.web> <sessionState mode="InProc" timeout="30" /> </system.web> I'm not sure which you are encountering but I suspect it is the session timeout you are encountering rather than the authentication timeout... Try removing the timeout from your forms tag entirely and see if that gives you what you are looking for.
More information here- forms timeout issue in asp.net mvc
173
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
