Reputation: 4605
Create Action which doesn't affect session timeout
In my ASP.NET MVC 3 application, I have a timer which executes a controller action every period of time. This way my session is never timed out...
I don't want this action to reset the session timer every time it is executed. I tried to do this by creating a custom attribute [AllowAnonymous] like this link
http://blogs.msdn.com/b/rickandy/archive/2011/05/02/securing-your-asp-net-mvc-3-application.aspx
but this way, any user will be able to access this action without logging in, and that's not what I want.
Any ideas ?
Upvotes: 3
Views: 1132
Answers (2)
Reputation: 8474
How about creating a different application that accessed through a subdomain? I think this is not only the easiest but also cleanest way to do this.
If you use any other way and another developer needs to support it later, the cost of doing it will probably be higher depending on the complexity of the solution if they need to change it somehow.
Upvotes: 0
Reputation: 1038710
You could disable sliding expiration for the session in your web.config:
<forms slidingExpiration="false" loginUrl="~/Account/LogOn" timeout="2800" />
This way the forms authentication cookie won't be renewed and the ticket will be valid only for a fixed amount of time.
And if you wanted to disable sliding expiration only for certain requests you may take a look at the following answer. It's a bit hacky because the ticket renewal code is buried deep into the FormsAuthenticationModule.
Upvotes: 1
Related Questions
- How to maintain session timeout for long period in asp.net mvc4?
- Session timeout in mvc application
- Session Start and Action Filter for Session Timeout handling
- How to handle Session timeout in MVC 3
- Session timeout
- How to increase Session timeout in MVC 3
- ASP.Net MVC keep session alive for as long as possible
- Increase session timeout on .net mvc 3
- MVC3 action that do not refresh session expiration
- session value timeout