ASP.NET Why are sessions timing out, sessionstate timeout set

Hey I have the following line in my web.config

<sessionState mode="InProc" timeout="45"/>

Which I thought would keep sessions intact for 45 mins

But I have seen the case where if a user is inactive for lets say 15 mins the sessions times out.

How can I stop this ?

Edit : Just noticed I have the following line in 开发者_JAVA百科the master page

meta http-equiv="Refresh" content="1800;URL=http://www.virtualacademy.ie/login.aspx">

Maybe this is causing the issue, what is the above line doing i.e the number 1800

Be sure to check your IIS configuration because the application pool that your site is hosted on also has its own timeout value which will override your own .config.

To increase it,

1. Open IIS
2. Select Application Pools on the left side
3. Select the Application Pool used by your site
4. Choose advanced settings
5. Under Process Model categtory increase the 'Idle Time-out' value to the desired length.

Hope this helps.

(If you do not have a dedicated server / access to IIS with your hosting provider you will have to contact them to see if they can increase it for you)

If the user closes their browser or clears cookies, or if the AppDomain on the server is recycled, the session state will be lost.

Have you checked logs to see if the app is recycling?

AppDomain recycles are a very common problem for this if the sessionState is InProc. It is very much advised to use a StateServer or SQLServer for production systems instead. See Session-State Modes for documentation on how to use each, and the pros and cons of the three different types.

Personally, we use SQL Server if we must for web server farms--slower but can be shared. We use State Server if the site will only be hosted on a single web server--state survives AppDomain restarts, but not entire server restarts.

Also, in the past we have used an AJAX post in the background while the user is watching long running videos or performing long client-side tasks, so that the session timeout gets reset every few minutes. Nothing special about this code--just have a little JavaScript hit every few minutes some ASPX page that returns nothing.

Are you using Forms Authentication? It has its own timeout setting that when expires will redirect the user to your login page even if their session is still valid.