1

If the user pauses for more than 20 minutes and does not work with the site, the site will remove her from the account and the user must log in again.

Host support says use Session Timeout in web.config.I tried many ways but failed for example:

    services.AddSession(options =>
    {
        options.IdleTimeout = TimeSpan.FromHours(6);
    });

        services.ConfigureApplicationCookie(options =>
        {
            options.ExpireTimeSpan = TimeSpan.FromMinutes(360);
            options.LoginPath = "/Identity/Account/Login";
            options.SlidingExpiration = true;
        });

my web.config

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <location path="." inheritInChildApplications="false">
    <system.webServer>
      <handlers>
        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
      </handlers>
      <aspNetCore processPath="dotnet" arguments=".\ModiranVira.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
    </system.webServer>
  </location>
</configuration>
<!--ProjectGuid: DCDBD7A7-41AE-4CFE-A641-D1F9750A311C-->
Rena
  • 30,832
  • 6
  • 37
  • 72
stoo frisat
  • 75
  • 1
  • 9
  • https://stackoverflow.com/questions/34979680/asp-net-core-mvc-setting-expiration-of-identity-cookie suggests that `ExpireTimeSpan` only works with persistent logins. – Jeremy Lakeman Dec 02 '21 at 03:34
  • can I use this Answer in this link for asp.net core https://stackoverflow.com/questions/1205828/how-to-set-session-timeout-in-web-config – stoo frisat Dec 02 '21 at 18:22

1 Answers1

0

There's a Session State module on IIS. When you choose state server, it will allow you set session time-out.

enter image description here

Or you can set in ASP module.

enter image description here

Finally check your Application Pool's idle timeout that application pool idle timeout too matches your session timeout.

enter image description here

Bruce Zhang
  • 2,880
  • 1
  • 5
  • 11