CODEWITHSUNDEEP
asp.net-mvciissession-timeout
NoWar
NoWar

Reputation: 37642

ASP.NET MVC Session Timeout doesn't work

If I am seting Session Timeout like less then 20 mins everything is working fine.

But if it is > 20 mins it doesnt work. It happens with VS 2013 and Production IIS.

Here is a code I have use.

How to fix that issue? Thank you!

STARTUP.AUTH

  public partial class Startup
    {  
        public void ConfigureAuth(IAppBuilder app)
        {
            var sessionTimeout = 5;

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                ExpireTimeSpan = TimeSpan.FromMinutes(sessionTimeout),
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login")
            });
}

GLOBAL.ASAX

 protected void Session_Start(object sender, EventArgs e)
        {

                Session.Timeout = 5;

        }

P.S. WEB.CONFIG

   <sessionState mode="InProc"  />

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" defaultUrl="~/Account/Login" name="MyApp123"   />
    </authentication>

Upvotes: 1

Views: 2007

Answers (1)

Erik Funkenbusch
Erik Funkenbusch

Reputation: 93464

It sounds like you have FormsAuthentication configuration still in your web.config. You're using ASP.NET Identity, which conflicts with the old FormsAuthentication.

Change to this:

<authentication mode="None"/>

And make sure you have this:

<system.webServer>
    <modules>
        <remove name="FormsAuthentication" />
    </modules>
</system.webServer>

You can also just generate a default Web project with asp.net identity, and look at the web.config, which will have the same entries. Note that the V1 Identity template had a typo that used "FormsAuthenticationModule" instead of "FormsAuthentication" in the remove element. If you're using v2 or better they fixed that typo.

Upvotes: 2

Related Questions