问题
For testing purpose I want to set session timeout to 1 minute - is it possible?
I have defined timeout as 1 minute in web.config, but it is not working (I heard default timeout is 20 minutes so minimum 20?)
<sessionState mode="StateServer" cookieless="false" timeout="1"/>
回答1:
Yes, you can set it to less than 20 minutes. Default 20 doesn't means minimum 20 .
Also, you used <sessionState> element of Web.config, so set it as:
<sessionState mode="StateServer" cookieless="false" timeout="1" />
Check this forum on asp.net : http://forums.asp.net/t/1725273.aspx/1
回答2:
A session starts every time a new user hits the website, regardless of whether or not they are anonymous. Authentication has very little to do with Session.
Authentication timeout is the amount of time that the authentication cookie is good for on the user's browser. Once the cookie expires, they must re-authenticate to access protected resources on the site.
So, if Session times out before the Authentication cookie - they are still authenticated, but all their session variables disappear, and may cause errors in your website if you are not disciplined in checking for nulls and other conditions brought about by missing session.
If Authentication times out before the session, then all their session variables will still exist, but they won't be able to access protected resources until they log back in again.
回答3:
Check this url. It may helpful
http://www.aspdotnet-suresh.com/2010/10/session-timeout-problem-in-aspnet.html
回答4:
set <sessionState mode="StateServer" cookieless="false" timeout="1" />
来源:https://stackoverflow.com/questions/18503784/is-it-possible-to-set-session-timeout-to-1-minute-in-asp-net