Web.config timeout

L

LisaConsult

The user has indicated that the application seems to be kicking her out, even
though she is sure that she is submitting a form faster than every 30
minutes. I thought that I had set the Web.Config on the ASP.NET application
to time out after 30 minutes of inactivity, but maybe I don't have something
set up correctly. Here's the basis of my Web.Config (stripped down without
comments):

<?xml version="1.0" encoding="UTF-8" ?>
<configuration>
<appSettings>
<add key="ConnectionString" value="User ID=userid;Initial
Catalog=dbname;Data Source=servername.net;password=userpassword" />
</appSettings>

<location path="ForgotPswd.aspx"><system.web><authorization><allow
users="*" /></authorization></system.web></location>

<system.web>
<sessionState mode="InProc"
timeout="30" />
<compilation debug="true"/>
<customErrors mode="Off"/>

<authentication mode="Forms">

<forms name=".ASPXAUTH"
loginUrl="login.aspx" />
</authentication>

<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>

Additionally, I have this in the Page_Load of the web page:
Response.AddHeader("Pragma", "no-cache")
Response.Expires = -1
Response.Expiresabsolute = Now().Subtract(New TimeSpan(1, 0, 0, 0))
Response.CacheControl = "no-cache"

Do you see any reason why it would expire unless they truly had 30 minutes
of no activity submitted to the server? Is there anything wrong here?
Thanks.
 
M

[MSFT]

The <forms> element also has an attribute "Timeout", you may set it to a
large to see if it will help. Or you may consider use Persistent cookies
cookie for the form authentication.

Hope this help,

Luke
 
L

LisaConsult

But, please help me to understand, what would be kicking the user out of the
session if they were sending information to the server and everything below
looks fine? What would cause the session to be lost. The user assures me
that when this occurs it's about 1-2 minutes per submission, not 30 minutes.
We currently don't want to go the cookie route.
 
M

[MSFT]

Hello,

Since you use Forms authentication, a cookie will be sent to client,
indicating the user has been authenticated. If this is timeout (not the
session), the user will be redirect to the login in page if they request to
server.

Luke
 
L

LisaConsult

I just found out that this web app was moved from a Win2K server to a Win2003
server last week. This is when the problem began occuring, is there a
difference between the OSs which would cause this? Thanks.
 
M

[MSFT]

Generally speaking, Windows 2000 works with IIS 5.0 and Windows server 2003
with IIS 6.0 and .NET framework 1.1. There are many differences between
them. Besides, the two computers may have different machine.config and
security settings. I suggest you may first try to set the timeout value for
forms authentication, and see if this can fix the problem. If not, we can
go to see other issues related.

Luke
 
L

LisaConsult

I apologize for the lack of mentioning it. I did place a Timeout in the
Web.Config like this:
<authentication mode="Forms">
<forms name=".ASPXAUTH"
loginUrl="PAE/login.aspx" />
</authentication>

The user is still getting kicked out of the system. The odd thing is that
it's sporadic. She can get kicked out 5 times in 7 hours or 1 time in 5
minutes with no real consistency about it. It is not always in the same
screen either. Thanks for your continued assistance.
 
M

[MSFT]

What is the value you set for form authenttication?

<authentication mode="Forms">
<forms name=".ASPXAUTH"
loginUrl="PAE/login.aspx" />
</authentication>

And, is the only user who encounter the problem? If so, did she have any
proxy/firewall between her and the server? Any, any antivirus software
installed?

Luke
 
L

LisaConsult

<authentication mode="Forms">
<forms name=".ASPXAUTH"
loginUrl="PAE/login.aspx"
timeout="20"/>
</authentication>

Currently there is only one consistent user within the organization.
Because the system is in Beta, there are currently no other users. The
application is hosted by an outside host provider. They are going through a
firewall and they do have norton antivirus software installed.
 
M

[MSFT]

Since the problem was sporadic, it looks to me that it is a configration
issue. The timeout settings are fixed and won't be random. Based on my
experience, it may be a problem related to the outside host provider. I
suggest you may contact them, and ask if they have found such an issue fore
other clients. Especially, for session and cookie.

Luke
 
M

[MSFT]

Hello,

Any progress? Did the outside host provider give some suggstions on this
issue?

Luke
 
R

Ravichandran J.V.

By the look of it, this web.config must be a config file in a sub
folder. I presume so because of the <location path=> attribute. If this
is so, change the root web.config file.


with regards,


J.V.Ravichandran
- http://www.geocities.com/
jvravichandran
- http://www.411asp.net/func/search?
qry=Ravichandran+J.V.&cob=aspnetpro
- http://www.southasianoutlook.com
- http://www.MSDNAA.Net
- http://www.csharphelp.com
- http://www.poetry.com/Publications/
display.asp?ID=P3966388&BN=999&PN=2
- Or, just search on "J.V.Ravichandran"
at http://www.Google.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top