Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is default session timeout in ASP.NET?

Tags:

asp.net

session

timeout

asp.net-2.0

People also ask

What is default session timeout in .NET core?

By default, the session's data is stored inside the server memory and the IIS contains the idle-timeout. The idle-timeout default value is 20 minutes.

How long does ASP.NET session last?

A session ends if a user has not requested or refreshed a page in the application for a specified period. By default, this is 20 minutes.

What is session timeout?

Session timeout represents the event occuring when a user does not perform any action on a web site during an interval (defined by a web server). The event, on the server side, changes the status of the user session to 'invalid' (ie.

How long is session timeout?

Typical session timeouts are 15- to 45-minute durations depending on the sensitivity of the data that may be exposed.

It is 20 Minutes according to MSDN

From MSDN:

Optional TimeSpan attribute.

Specifies the number of minutes a session can be idle before it is abandoned. The timeout attribute cannot be set to a value that is greater than 525,601 minutes (1 year) for the in-process and state-server modes. The session timeout configuration setting applies only to ASP.NET pages. Changing the session timeout value does not affect the session time-out for ASP pages. Similarly, changing the session time-out for ASP pages does not affect the session time-out for ASP.NET pages. The default is 20 minutes.


It depends on either the configuration or programmatic change.
Therefore the most reliable way to check the current value is at runtime via code.

See the HttpSessionState.Timeout property; default value is 20 minutes.

You can access this propery in ASP.NET via HttpContext:

this.HttpContext.Session.Timeout // ASP.NET MVC controller
Page.Session.Timeout // ASP.NET Web Forms code-behind
HttpContext.Current.Session.Timeout // Elsewhere

  1. The Default Expiration Period for Session is 20 Minutes.
  2. The Default Expiration Period for Cookie is 30 Minutes.
  3. Maximum Size of ViewState is 25% of Page Size

The default is 20 minutes. http://msdn.microsoft.com/en-us/library/h6bb9cz9(v=vs.80).aspx

<sessionState 
mode="[Off|InProc|StateServer|SQLServer|Custom]"
timeout="number of minutes"
cookieName="session identifier cookie name"
cookieless=
     "[true|false|AutoDetect|UseCookies|UseUri|UseDeviceProfile]"
regenerateExpiredSessionId="[True|False]"
sqlConnectionString="sql connection string"
sqlCommandTimeout="number of seconds"
allowCustomSqlDatabase="[True|False]"
useHostingIdentity="[True|False]"
stateConnectionString="tcpip=server:port"
stateNetworkTimeout="number of seconds"
customProvider="custom provider name">
<providers>...</providers>
</sessionState>

The Default Expiration Period for Session is 20 Minutes.

You can update sessionstate and configure the minutes under timeout 

<sessionState 
timeout="30">
</sessionState>

Related questions

Assign format of DateTime with data annotations?
X-Frame-Options Allow-From multiple domains
ASP.Net error: "The type 'foo' exists in both "temp1.dll" and "temp2.dll"
force browsers to get latest js and css files in asp.net application
How should I inject a DbContext instance into an IHostedService?
Entity Framework Refresh context? [closed]
"Could not load type [Namespace].Global" causing me grief
How to get rid of Naming rule violation messages in Visual Studio?
Cannot drop database because it is currently in use
The instance of entity type cannot be tracked because another instance of this type with the same key is already being tracked
ASP.NET MVC Custom Error Handling Application_Error Global.asax?
How to assign Profile values?
Avoiding SQL injection without parameters
ASP.NET Core Web API Authentication
Convert all first letter to upper case, rest lower for each word
ASP.NET Identity reset password
Read Post Data submitted to ASP.Net Form
"The transaction log for database is full due to 'LOG_BACKUP'" in a shared host
@Html.HiddenFor does not work on Lists in ASP.NET MVC
Repeater, ListView, DataList, DataGrid, GridView ... Which to choose?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!