Determining the life span of a session

I am trying to control the life span of a session in ASP.NET. I am using form authentication (FormsAuthenticationTicket).

Although is seems a pretty trivial issue, I cannot put together all the settings (preferably in application's web.config file + code) so that the lifetime of a session can be precisely determined per user.

I already asked this question: User driven session expiration and I got valuable response from Massimiliano.

But only setting up Session.Timeout programatically will not solve my problem, as there are other IIS7 settings that need to be done, like stting the Idle Timeout property and so on.

Now, my question is: can anybody list ALL the settings that control the lifetime of a sesion? Preferably the settings should be specified 开发者_运维技巧in the application's web.config, so the deployment should be as thin as possible.

Thanks.

Cannot give out the setting directly, but think your problem may caused by a cookie setting. As in ASP.net, a server need a session id to maitain the user's session content stored on server.This id is normally stored in cookie, so if there is any cookie expiration setting, they may effect your session life span.