Problems with ASP.NET Authentication ticket expiration

I have an ASP.NET MVC 3 application with the following web.config settings.

<authentication mode="Forms">
    <forms loginUrl="~/Account/LogOn" slidingExpiration="true" timeout="525600" path="/" /> 
</authentication>

My problem is on the deployed application, I get logged out automatically after 5 minutes or after closing the browser. If I check the .ASPXAUTH cookie on the browser after I am logged 开发者_如何学Goout, it correctly shows the expiration date.

The cookie is supposed to expire after one year and it works fine on my local machine. My guess is that the ticket is getting reset, but I do not know why.

The app is ASP.NET MVC 3, .NET Framework 4.

Any insight into this will help.

do you have an automatically generated machine key (formsauthentication uses that to encrypt the cookie) the app might be resetting it on the server and then it can't decrypt the one on the client.

Are you issuing a custome token?. If so, it will override the web.config setting. Check this article for details.