-1

in my code i'm use "Form" in Authentication mode for my "Remmember Me" CheckBox And I want Increase My Session TimeOut. Im Set My Session TimeOut On "21600" Minute And So I'm Set My Cookie Expiration Time Similar Session Time. But It Does't Work...

This Is My Web.Config Code : 

<system.web>
<compilation debug="true" targetFramework="4.5"/>
<httpRuntime targetFramework="4.5"/>
<authentication mode="Forms">
  <forms loginUrl="~/Index.aspx" defaultUrl="~/Page/Dashboard.aspx?tab-1" name=".STAUTHD" cookieless="UseCookies" slidingExpiration="true" protection="All" requireSSL="false" timeout="21600" path="/" enableCrossAppRedirects="false" />
</authentication>
<sessionState mode="InProc" timeout="21600" cookieName="ds_albama"  />
<machineKey validationKey="D50B5C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE" decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F" validation="SHA1" />
<membership defaultProvider="OdbcProvider" userIsOnlineTimeWindow="30">
  <providers>
    <add name="OdbcProvider" applicationName="StoreD" type="StoreDashboard.App_Code.OdbcMembershipProvider" connectionStringName="OdbcServices" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" writeExceptionsToEventLog="false" requiresUniqueEmail="false" />
  </providers>
</membership>
<customErrors mode="Off" defaultRedirect="~/Error/ErrorGeneral.html">
  <error statusCode="403" redirect="~/Error/Error403.html" />
  <error statusCode="404" redirect="~/Error/Error404.html" />
  <error statusCode="500" redirect="~/Error/Error500.html" />
</customErrors>
<authorization>
  <deny users="?"/>
</authorization>

This Is My Index.aspx Code :

<asp:Login ID="Login1" runat="server" RenderOuterTable="false" FailureAction="Refresh" FailureText="نام‌کاربری و یا رمز عبور صحیح نیست" OnLoggedIn="Login1_LoggedIn">
        <LayoutTemplate>
            <asp:UpdatePanel runat="server" ID="updLogin">
                <ContentTemplate>
                    <div class="wrapper">
                        <div class="login">
                            <h2>ورود کاربران</h2>
                            <label for="">
                                نام کاربری
                            </label>
                            <asp:TextBox ID="UserName" runat="server" title="ایمیل" ValidationGroup="ctl00$Login1" oninvalid="this.setCustomValidity('ایمیل را صحیح وارد کنید')" oninput="setCustomValidity('')"></asp:TextBox>
                            <label for="">
                                کلمه‌ی عبور
                            </label>
                            <asp:TextBox ID="Password" runat="server" title="کلمه عبور" TextMode="Password" ValidationGroup="ctl00$Login1" oninvalid="this.setCustomValidity('رمز عبور را صحیح وارد کنید')" oninput="setCustomValidity('')"></asp:TextBox>
                            <label class="checkbox">
                                <asp:CheckBox ID="RememberMe" runat="server" Text="<div class='control-indicator'></div>مرا بخاطر بسپار" TextAlign="Right" />
                            </label>
                            <%--<asp:LinkButton ID="LoginButton" runat="server" CommandName="Login" Text="ورود" ValidationGroup="ctl00$Login1" CssClass="button" />--%>
                            <asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="ورود" ValidationGroup="ctl00$Login1" CssClass="button" />
                            <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
                        </div>
                    </div>
                </ContentTemplate>
            </asp:UpdatePanel>
        </LayoutTemplate>
    </asp:Login>

This is My Index.aspx Behind Code : 

protected void Login1_LoggedIn(object sender, EventArgs e)
    {

        try
        {
            string username = Login1.UserName;
            BlUser oBlUser = LoadUserInfo(username);

            FillWebInfo(oBlUser);
            PubFunc.SaveLog("LogIn", "user LogIn with username: " + username, Information.UserID, PubFunc.GetUserIP());
        }
        catch (Exception ex)
        {
            PubFunc.SaveLog("Exception", "Exception In Index Of Dashboard :: Login1_LoggedIn: " + ex.Message, "-1", PubFunc.GetUserIP());

            FormsAuthentication.SignOut();
            Session.Clear();
            FormsAuthentication.RedirectToLoginPage();
        }
    }

    private void FillWebInfo(BlUser oUser)
    {
        Information.Name = oUser.Name + " " + oUser.Family;
        Information.UserID = oUser.UserID;
        Information.Username = oUser.Username;
        Information.IsAdmin = oUser.IsAdmin;
        Information.IsCustomer = oUser.IsCustomer;
        Information.IsExpert = oUser.IsExpert;
        Information.IsIntermediate = oUser.IsIntermediate;
        Information.IsSupplier = oUser.IsSupplier;
        Information.IsOperator_AR = oUser.IsOperator_AR;
        Information.IsOperator_CH = oUser.IsOperator_CH;
        Information.IsOperator_DE = oUser.IsOperator_DE;
        Information.IsOperator_EN = oUser.IsOperator_EN;
        Information.IsOperator_FR = oUser.IsOperator_FR;
        Information.IsOperator_RU = oUser.IsOperator_RU;
        Information.IsOperator_TR = oUser.IsOperator_TR;
        Information.IsWebSupporter = oUser.IsWebSupporter;
        Information.IP = PubFunc.GetUserIP();

        if (Login1.RememberMeSet)
        {
            MakeValid(Information.Username, (Information.Name != null ? Information.Name : Information.Username.Substring(0, Information.Username.IndexOf('@'))));
        }

    }
    private void MakeValid(string userName, string userData)
    {
        //////here//////

        FormsAuthentication.Initialize();
        DateTime expires = DateTime.Now.AddMinutes(21600);
        FormsAuthenticationTicket ticket =
            new FormsAuthenticationTicket(1,
                                          userName,
                                          DateTime.Now,
                                          DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
                                          true,
                                          String.Empty,
                                          FormsAuthentication.FormsCookiePath);

        string encryptedTicket = FormsAuthentication.Encrypt(ticket);

        HttpCookie authCookie = new HttpCookie(
              FormsAuthentication.FormsCookieName,
              encryptedTicket);       
    }
Rahul Hendawe
  • 902
  • 1
  • 14
  • 39
P_M
  • 1
  • you can refer this [asp.net site session timeout issue](https://stackoverflow.com/questions/37936551/asp-net-site-session-timeout-issue/37936648#37936648) – Rahul Hendawe Oct 25 '17 at 12:33
  • 1) `sessionState` has (*almost*) **nothing** to do with authentication (see also [Forms authentication timeout vs sessionState timeout](https://stackoverflow.com/questions/17812994/forms-authentication-timeout-vs-sessionstate-timeout)). You are barking up the wrong tree (*this includes all the answers about this setting in the `web.config`*). The timeout is determined by the section `forms` attribute `timeout` and the value is in minutes. – Igor Oct 25 '17 at 15:05
  • 2) `But It Does't Work` <= ["It's not working" is not helpful](http://idownvotedbecau.se/itsnotworking/) – Igor Oct 25 '17 at 15:05

2 Answers2

0
<configuration>
   <system.web>
    <sessionState mode="InProc" timeout="350" />
    </system.web>
</configuration>

put this code in web.config

Hitesh Thakor
  • 471
  • 2
  • 12
0
<sessionState mode="InProc" cookieless="true" timeout="10" />

it will set the session timeout to 10 minutes. you can set your desired timeout value accordingly. And if your session is not cookieless then set cookieless="false"

Sajjad Ali
  • 116
  • 10