How to increase Session timeout in C# MVC web application?

Question

Hi, I am developing an web application in c# MVC, I am facing an issue in login session time. After few minutes login when I refresh the page or go to another page, it will logout and redirect to login page. I also set the 'timeout='1440' in web.config file. Kindly go through following code. WEB.CONFIG '4.5' tempDirectory= 'C:\Inetpub\vhosts\webdealsinv.com	mp' /> '4.5' /> 'Forms' > 'Home/Login' timeout= '1440' slidingExpiration= 'true' /> 'true' defaultProvider= 'InvRoleProvider' cookieTimeout= '1440' > 'InvRoleProvider' type= 'Inventory.Helper.InvRoleProvider' /> '*.less' verb= 'GET' type= 'dotless.Core.LessCssHttpHandler, dotless.Core' /> 'GET' path= 'routejs.axd' type= 'RouteJs.RouteJsHandler, RouteJs' /> '1440' /> 'InProc' timeout= '1440' cookieless= 'false' /> LOGIN ACTION [HttpPost, AllowAnonymous] public ActionResult Login(InvUser invuser) { string result = objData.CheckUser(invuser); if (result == 'Success' ) { InvUser _invuser = objData.GetUser(invuser); FormsAuthentication.SetAuthCookie(_invuser.UserID.ToString() + '|' + _invuser.FirstName, true ); return RedirectToAction( 'Index' , 'Admin' ); } else { ViewBag.Msg = 'Invalid Email or password!' ; return View(); } }

Sachin Singh · Answer

then use Ticket , it may work [HttpPost, AllowAnonymous] public ActionResult Login(InvUser invuser) { string result = objData.CheckUser(invuser); if (result == "Success" ) { InvUser _invuser = objData.GetUser(invuser); FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, _invuser.UserID.ToString() + "|" + _invuser.FirstName, DateTime.Now, DateTime.Now.AddDays(24), true , userData, FormsAuthentication.FormsCookiePath); // Encrypt the ticket. string encTicket = FormsAuthentication.Encrypt(ticket); // Create the cookie. Response.Cookies.Add( new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); return RedirectToAction( "Index" , "Admin" ); } else { ViewBag.Msg = "Invalid Email or password!" ; return View(); } }

Sachin Singh · Answer

use timeout in your form tag under web.config "Home/Login" timeout= "2880" />

Arif Hussain · Answer

Hi, Issue was solved after adding machinekey in web.config file. Thankyou @Sachin and @Mageshwaran for your valuealble comment and time.

Mageshwaran R · Answer

Hi Arif, Using ActionFilterAttribute public class SessionExpireFilterAttribute : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContext ctx = HttpContext .Current; // check if session is supported CurrentCustomer objCurrentCustomer = new CurrentCustomer(); objCurrentCustomer = ((CurrentCustomer)SessionStore.GetSessionValue(SessionStore.Customer)); if ( objCurrentCustomer == null) { // check if a new session id was generated filterContext.Result = new RedirectResult("~/Users/Login"); return; } base.OnActionExecuting(filterContext); } } [SessionExpire] public ActionResult Index() { return Index(); }

Arif Hussain · Answer

HI @Sachin I changed timeout value to 2880 and removed "InProc" timeout= "1440" cookieless= "false" /> in web.config but problem is still same. Please note. Session timeout is working fine in local system, but when I publish this application in vps Its does'nt work.

Sachin Singh · Answer

instead of "InProc" timeout= "1440" cookieless= "false" /> use "Home/Login" timeout= "2880" />

Arif Hussain · Answer

Hi #Sachin, I already set the timeout value to 1440, which is equail to 24hrs, after that session is expring in few mins.

Arif Hussain · Answer

In this question I forgot to mention that this application is hosted on windows VPS. I did the following settings in IIS Manager. kindly check it.

How to increase Session timeout in C# MVC web application?

Insert Link

Embed YouTube Video

Table Options

Insert Image

Answers (8)