• TechieHook
  • C#
  • Increase the Session Timeout in ASP.NET MVC Application
C#
Article

Increase the Session Timeout in ASP.NET MVC Application

Techiehook Techiehook
Updated date May 29, 2024
In this article, we will learn how to increase the session timeout in your ASP.NET MVC application for a more flexible and user-friendly experience.

Session Timeout in ASP.NET MVC Application

Session timeout is important in web applications which determines the duration a user can remain inactive before being automatically logged out. In ASP.NET MVC applications, the default session timeout is set to 20 minutes. However, there are scenarios where you might need to extend this duration based on your application's requirements. 

Understanding Session Timeout:

ASP.NET uses session state to store user-specific information across multiple pages. The session timeout is the duration for which the session state will be preserved without user activity. Once this timeout period elapses, the session is considered expired, and the user is typically redirected to the login page.

Steps to Increase Session Timeout:

1. Web.config Configuration:

Open the Web.config file in your ASP.NET MVC project, and locate the <system.web> section. Add or modify the sessionState element to set a custom timeout value (in minutes).

<system.web>
  <!-- Other configurations -->
  <sessionState timeout="60" />
</system.web>

In this example, the session timeout is set to 60 minutes. Adjust the value based on your application's requirements.

2. Global.asax Configuration:

Another way to set the session timeout is through the Global.asax file by handling the Session_Start event. Open the Global.asax.cs file, and add the following code:

protected void Session_Start(object sender, EventArgs e)
{
    // Set the session timeout to 60 minutes
    Session.Timeout = 60;
}

This method allows you to have more dynamic control over the session timeout, potentially setting it based on user roles or specific conditions.

3. Persistent Session Across Requests:

By default, ASP.NET resets the session timeout with each request. If you want the session timeout to only decrease when there is no user activity, you can use the Session.Timeout property along with sliding expiration. Update the Web.config file as follows:

<system.web>
  <!-- Other configurations -->
  <sessionState timeout="60" mode="InProc" cookieName="YourSessionCookie" cookieSlidingExpiration="true" />
</system.web>

This ensures that the session timeout is extended by the timeout value for each request.

ABOUT THE AUTHOR

Techiehook
Techiehook
Admin, Australia

Welcome to TechieHook.com! We are all about tech, lifestyle, and more. As the site admin, I share articles on programming, tech trends, daily life, and reviews... For more detailed information, please check out the user profile

https://www.techiehook.com/profile/alagu-mano-sabari-m

Comments (1)

Latest Posts

Popular Posts