ASP.NET Session TimeOut problem

I have a wired scenario in one of my ASP.net application.

I am using ASP.net membership with my custom "roleManager",

and having below tag in web.config to restrict any user not having role of "Keywords"(roles) to access "Keywords"(path) folder

<location path="Keywords">

<system.web>

<authorization>

<allow roles="Keywords"/>

<deny users="*" />

</authorization>

</system.web>

</location>

If any user with some other role allow to assess this URL (Keywords in this case) will be redirected to a custom- Access denied page.

Now things working fine but when I left my application with a inactivity of 30 min I am not able to visit the "Keywords", all the time I end up with the custom- Access denied page, if I开发者_开发百科 close the browser, login again it start working fine.

Please help me in this case.

Thanks in advance

ASP.NET sessions time out after 20 minutes by default, I think.

You can extend this by specifying a longer time (in minutes) in the Web.config:

<system.web>
    <sessionState timeout="60"/>
    ...
</system.web>

If you are authenticating via Forms, you should raise the authentication cookie timeout value to match.

Also bear in mind that, when running the site under IIS, you should probably extend the application pool's idle timout to something similar. If you don't do this, the HttpApplication instance for your ASP.NET site will be unloaded, destroying any active sessions in the process.

Usually, the first and easiest thing to do is just change the configuration/system.web/sessionState@timeout value to something like “90″

<sessionState timeout="90" />

it still appears to be timing out after 20 minutes. *This doesn’t make any sense, it explicitly says that the session timeout should be exactly 90 minutes.*

There’s a couple of issues that are tied together here:

1. The application pool’s worker process default idle timeout is also set to 20 minutes
2. The default mode of storing session state is in the IIS process

The settings for the application pool can be found by clicking Properties (IIS 6) or Advanced Settings (IIS 7.5) on the application pool that the application is assigned to.

Ensure the value of "Idle-Time-out(minutes)" is set to the timeout of your session, at a minimum (ex 90), to ensure that all sessions persist for the entire session timeout period.

try this solution if still there is a problem refer to this article it tell more option to try

http://asp-net.vexedlogic.com/2012/05/23/aspasp-net-session-timeout-how-do-i-change-it/