Is SessionState timeout the same as login timeout

Discussion in 'ASP .Net' started by Randall Parker, Dec 6, 2005.

  1. Does the SessionState timeout field in Web.config control how long a logged in
    session will stay logged in?

    For example, I want my users to be able to log in once during their work day and for
    their log-ins to remain valid for 12 hours. Is this below the way to do it?

    sqlConnectionString="data source=;Trusted_Connection=yes"

    (ignore the stateConnectionString and sqlConnectionString which I do not even
    understand at this moment)

    Does the timeout="7200" mean 7200 seconds from the time of logging in that the
    Session object will be deleted from the ASP.Net server and hence that the user will
    no longer be logged on?

    Or, to put it another way: If the browser cookie lasts longer than the session object
    does the user have to log back in if the session object expires but the browser
    cookie still exists?

    I want to add some setting to the session object and/or browser cookie that control
    what fields are available on web pages based on what I find in a log-in database
    table record when I check the username and password. Can I add those fields to the
    cookie that gets created when the user logs in?
    Randall Parker, Dec 6, 2005
    1. Advertisements

  2. Basically the session state means that the users session data will remain
    active for in your case 7200 seconds after the user's last request to the

    So for example:

    7200 = 12 Hours
    3600 = 6 hours
    60 = 1 hour

    I browse your web site @ 1am, I do nothing more and my session now does not
    expire until 1pm
    I browse your web site @ 1am and browse around until 2am, now your session
    does not expire until 2pm

    Session state is used when you want to store some details for the particular

    Something like this:

    Session["UserName"] = Chris
    Session["UserID"] = 1234

    So it is not a period of time after they logged in for example but the
    amount of time after the last request before those session variables are
    cleared from the servers memory.


    Chris Crowe [IIS MVP 1997 -> 2006]
    Chris Crowe [MVP 1997 -> 2006], Dec 6, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.