Hi all,

Recently we did release to a staging environment running IIS7.x, .NET 3.5. after few days of release users get problem of session timeout when user leave the pc for an hour or more than that. So I have started to search for the cause.

Looked into the session timeout settings in web.config of the application. we already set timeout to 180 minutes (3 hour). So I have tested it myself & came to know that user session get expires after 20 minutes (which is the default setting).

So I started looking into the IIS settings and came to know that i missed two things to change :

1. Application pool’s Idle Time-out(minutes)
2. Session state – State server’s Time-out (seconds)

Once I have changed above settings than after Session timeout worked.

So after that I have made one checklist that can help us to validate Session timeout settings, here i am sharing it with you as well so that you will also get some benefits from it :

1. Application Pool – Advanced Settings Menu – Process Model – Idle Time-out (minutes)
2. Sites – Session State – Cookie Settings – Time-out (minutes)
3. If you are using State Server or SQL Server to manage your session (instead of InProcess), Here is the steps to follow :       Sites – Session State – Session State Mode Settings – Time-out (seconds)
4. Under Web.config – system.web – authentication mode – forms – timeout (for form authentication)

That is all , no more things you need to set in order to increase session timeout from its default value.

Simple but very useful tips.

Hope this will help !!!

Jay Ganesh