The WebSecurity component in Webmatrix is pretty slick, but users' sessions expire too quickly for me. It seems like it's measured in hours and I'd like the session timeout to be more in terms of days.
How do I change the session timeout?
Asked
Active
Viewed 1,831 times
1 Answers
6
In answer to your question, you can set any value for session timeout in your web.config:
<configuration>
<system.web>
<sessionState timeout="value_in_minutes"></sessionState>
</system.web>
</configuration>
By default, sessions expire 20 minutes after the last activity from the user. Having sessions last for days seems insane. There is absolutely no sensible reason that I can think of for that. What problem are you trying to solve, exactly?
Mike Brind
- 28,238
- 6
- 56
- 88
-
Right now I'm doing dev and find it extremely annoying to have it timeout (and not realize why calls are failing). But long term I just know that 20 minutes is not long enough. I can't remember stack overflow EVER timing out on me. – tig Oct 25 '11 at 06:10
-
7You can provide the illusion of keeping users logged in via cookies, which can be persisted for as long as you like. Sessions are maintained on the web server, and you wouldn't want hundreds or thousands of those occupying memory for days on end. – Mike Brind Oct 25 '11 at 08:36