Session timeout length

[Fishcake]

I'm trying to make a Session last for 2 hours but just can't seem to make it work.

i have this code in web.config

Code:

    <sessionState 
            mode="InProc"
            stateConnectionString="tcpip=127.0.0.1:42424"
            sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
            cookieless="false" 
            timeout="120" 
    />

and then try and set session.timeout when a session begin ie.

VB Code:

Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
        ' Fires when the session is started
        Session.Timeout = 120
    End Sub

If in debug mode i use a breakpoint and check the value of Session.timeout it does indeed equal 120, yet the Session never lasts that long when i test it by leaving it alone, say for 30 mins then i come back to it run a little test that tests session values only to find the session has ended.

Anyone know any idea why this is happening?
Is 2 hours just to long to hold Session? if so why is session.timeout an integer (in minutes)?

Thanks for any help.

[axion_sa]

Open IIS, find your web app & open the Properties window. Click on the Configuration button, and then the Options tab - you should find the option "Session Timeout"

[Fishcake]

ahh, so there's a limit set on the server. I've got no access to the server at all. Oh well, least i can tell the boss it isn't my fault.

[Fishcake]

Just got off the phone to the hosts and their support department (though i don't trust them) say that the value for Session timeout thats set in the IIS application configuration is just a default that should be over written by my web.config. Yet this clearly isn't happening. Are they just talking rubbish?

[axion_sa]

They seem to be correct - http://support.softartisans.com/kbview.aspx?ID=676.
A quick test you could do is to get the session timeout in IIS set to 1 minute, and leave web.config at 20. Leave the app for a minute or two & see if the session has expired.

[Fishcake]

Seem to have gotten to the bottom of my problem now though i don't understand how this happens.

Setting session timeout to 120 minutes in web.config is keeping a user authenticated for 2 hours (because of cookies?) but i don't seem to be able to overule the host servers session timeout of 20 mins which meant the user wasn't getting kicked off the site but was trying to use session variables that didn't exist anymore which was causing the app to crash.

Axion, thanks for your help but i couldn't find anything in that link.