Forms Authentication Cookie Expiration
I have an ASP.NET web application that uses Forms Authentication. In the web.config, the forms authentication timeout value is set to "20" (which I understand to be 20 minutes).
We're seeing an issue where you'll be interacting with the site..(i.e. clicking on linkbuttons, performing postbacks, etc.) and randomly g开发者_开发知识库et sent back to the Login page to authenticate.
It seems like the timeout is being obeyed, but activity is not restarting the counter.
Any ideas where to look or how to debug this?
check slidingExpiration in web.config and make sure it's set to true
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" protection="All" slidingExpiration="true">
</forms>
</authentication>
also is this load balanced web site? make sure session information is out of process, or use sticky session.
Setting the timeout
attribute on the <forms />
tag is also neccessary as described in this blog post about forms authentication.
精彩评论