What is the maximum number of minutes for Session timeout?

Discussion in 'ASP .Net' started by dee, May 11, 2005.

  1. dee

    dee Guest

    Hi,

    What is the maximum number of minutes for Session timeout that I can specify
    in web.config?
    Thanks.
    Dee
     
    dee, May 11, 2005
    #1
    1. Advertisements

  2. If I remember correctly its 365 days, which would be 525,600 minutes.....

    Regards

    John Timney
    ASP.NET MVP
    Microsoft Regional Director
     
    John Timney \(ASP.NET MVP\), May 11, 2005
    #2
    1. Advertisements

  3. It's a very dangerous question to ask, however. Upping the Session Timeout
    is going to incur more memory usage on the server, as it propagates to all
    user Sessions.Usually this question is asked because the developer is
    planning on solving a problem in a way that could otherwise be solved using
    a less machiavellian approach. In the long run, the developer has a much
    greater problem on his/her hands, which is "where has all my memory gone,
    and how do I reduce memory usage in my app?"

    --
    HTH,

    Kevin Spencer
    Microsoft MVP
    ..Net Developer
    What You Seek Is What You Get.
     
    Kevin Spencer, May 11, 2005
    #3
  4. I completely agree with your extra comments Kevin.

    --
    Regards

    John Timney
    ASP.NET MVP
    Microsoft Regional Director
     
    John Timney \(ASP.NET MVP\), May 11, 2005
    #4
  5. dee

    dee Guest

    Thanks everyone.

     
    dee, May 11, 2005
    #5
  6. And, leap years don't count ... ;-)

    The max session timeout in minutes *is* 525,600.

    It's easy to check. Just set the timeout to 525601.

    The error code will read :
    "For InProc and StateServer modes,
    the session timeout value cannot be larger than one year."

    This makes me wonder if with SQL Server SessionState
    the timeout could be set to larger than one year, although
    I can't think of a single reason to set it that high.
     
    Juan T. Llibre, May 11, 2005
    #6
  7. dee

    dee Guest

    Kevin,
    Here is why I asked that Q.
    I save a DataTable in a Sessiopn variable and use it across my pages. There
    is no login required to access the pages. However, I need to think of how
    long to let the user have access to the pages before having to ask him to
    redo his search. This isn't very nice since there is no login. But the
    decision to use Session was made because of speed. I still dont have a
    convinicing solution.
    Dee
     
    dee, May 12, 2005
    #7
  8. Thanks for the additional info, Dee. One solution would be to use a
    client-side mechanism to refresh the page periodically, so that the Session
    doesn't time out as long as the user is on that page. This could be done
    with a META Refresh tag, or using JavaScript's setTimeout() function, if you
    need more control over how the page is "refreshed."

    --
    HTH,

    Kevin Spencer
    Microsoft MVP
    ..Net Developer
    What You Seek Is What You Get.
     
    Kevin Spencer, May 12, 2005
    #8
  9. dee

    dee Guest

    Thanks Kevin,
    That sounds like a much better solution than to ask the user to redo his
    search becuase of a timeout. People assciate, righty, timeouts for logins
    and security reasons.
    Good luck.
    Dee
     
    dee, May 12, 2005
    #9
  10. John Timney \(ASP.NET MVP\), May 12, 2005
    #10
  11. dee

    dee Guest

    Kevin,
    I have a DataGrid on my WebForm. The Meta Refresh works fine if I have not
    clicked on a any row of the gird. My page shows the details of the record
    that is selected in the grid. In that state the Refresh doesnt do anything.
    Any suggestions as to why?
    Thanks.
     
    dee, May 12, 2005
    #11
  12. dee

    dee Guest

    dee, May 12, 2005
    #12
  13. Hi dee,

    Do you have a URL to look at? The META Refresh tag should always work. Of
    course, if it is a WebForm, you may have an issue with PostBack, in which
    case your best bet would be to use JavaScript.

    --
    HTH,

    Kevin Spencer
    Microsoft MVP
    ..Net Developer
    What You Seek Is What You Get.
     
    Kevin Spencer, May 12, 2005
    #13
  14. dee

    dee Guest

    I have the following:
    <meta http-equiv="refresh" content="1200">
    in my Table.aspx.
    If there is nothing selected on the grid inside this page then I see the
    screen flash as it refreshed. However, when a row is selected and hence thte
    page is showing additional dynamic informaiton the refresh doesn take place
    at all.
     
    dee, May 12, 2005
    #14
  15. dee

    Guest Guest

    Perhaps having a session open for a long period of time is not a good idea, I
    don't know there isn't enough quantifiable evidence to support this in either
    direction, however saying "You don't want to keep the session open too long
    because you are going to run out of memory", although has some merits can be
    a onernous statement. Firstly it depends on your application, if you know
    your target audience and how they use your website keeping sessions open
    longer can be beneficial. Take for example an employee who uses an
    application all day long, if you expire the page in 20 minutes, they would
    have to log in roughly 5 to 6 times per day on average, based on normal usage
    patterns. Even though they use that application all day long they aren't
    constantly posting back to the server all day long (checking email, surfing
    the web, etc) So an alternative is use javascript to keep the page alive.
    This might seem great on the surface however, in essence you still are
    keeping the session open for a long period of time (all day), yet you are
    increasing the load on the server (postbacks at least every 20 minutes just
    to keep the session alive) So you get no net decrease in memory usage yet net
    increase in server usage. In my employee example the timeout was simply
    changed to 90 minutes and their log in times in an eight hour day was reduced
    from 6 to 1. Simply because we monitored usage patterns and behaviour. Also
    if you use sqlserver session storage no web server memory is used for
    inactive sessions.

    Where having a low timeout is beneficial, is when you have many visitors to
    the site who use the site very infrequently and stay for 1 or 2 minutes then
    leave and never return. Keeping their sessions open longer, could have a
    negative effect on server resources. But you would know this and would adjust
    timeout to meet the requirements on the users.
     
    Guest, Jul 15, 2005
    #15
  16. See :
    http://support.microsoft.com/default.aspx/kb/233477

    It's 1440 minutes ( 24 hours ), although setting it to that
    amount would run your server to the ground after a few hours.

    Holding session values in RAM for 24 hours, if there's
    a reasonable amount of traffic to the site, will consume
    more RAM than any server could have installed.

    Values between 60 and 15 minutes are mostly used.





     
    Juan T. Llibre, Jul 15, 2005
    #16
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.