Recently we did release to a staging environment running IIS7.x, .NET 3.5. after few days of release users get problem of session timeout when user leave the pc for an hour or more than that. So I have started to search for the cause.
Looked into the session timeout settings in web.config of the application. we already set timeout to 180 minutes (3 hour). So I have tested it myself & came to know that user session get expires after 20 minutes (which is the default setting).
So I started looking into the IIS settings and came to know that i missed two things to change :
- Application pool’s Idle Time-out(minutes)
- Session state – State server’s Time-out (seconds)
Once I have changed above settings than after Session timeout worked.
So after that I have made one checklist that can help us to validate Session timeout settings, here i am sharing it with you as well so that you will also get some benefits from it :
- Application Pool – Advanced Settings Menu – Process Model – Idle Time-out (minutes)
- Sites – Session State – Cookie Settings – Time-out (minutes)
- If you are using State Server or SQL Server to manage your session (instead of InProcess), Here is the steps to follow : Sites – Session State – Session State Mode Settings – Time-out (seconds)
- Under Web.config – system.web – authentication mode – forms – timeout (for form authentication)
That is all , no more things you need to set in order to increase session timeout from its default value.
Simple but very useful tips.
Hope this will help !!!