Community discussion forum

what's the difference between session timeout and forms timeout?

• • Reply

  2 years ago

  by kiran_beladiya

  Kiran Beladiya

  , India

  Joined 2 years ago

  Hi Friends,

  During development of an asp.net 2.0 website i come across the following scenario :

  My web.config contains two nodes as follow :

  <sessionState mode="InProc" cookieless="false" timeout="4" />

  and second one is

  <forms name="secure" defaultUrl="login.aspx" protection="All" timeout="5"/>

  Can anybody tell me what are the difference between these two timeout values? which one of the two timeout values my session will take?

  another one thing confusing is slidingExpiration attribute. Why is it the attribute of forms node instead of sessionState node in web.config?

  somewhere i read we can't use slidingExpiration="true" in combination of cookieless="true" setting. Is it true?

  finally, i want to set my session timeout to 15 min, with cookieless="true", and with slidingExpiration="true" and it should be across the full site(not only for particular forms), can anybody teach me to set these things in web.config file?

  Thanks in advance

  Kiran Beladiya

  Report abuse
• • Reply

  2 years ago

  by mmharinath

  M M Harinath

  Chennai, India

  Joined 3 years ago

  The time-out in <Form> tag refers to the number of seconds an ASP.NET page is given before the operation is assumed to have failed and the page terminated.

  The sessionState time-out refers to the number of minutes before the user session is aborted.

  Report abuse