ASP.NET Forms Authentication timeout

Question

This could be a very simple question, but after a few hours trying to understand how this works on ASP.NET 4.0 I still don\'t know.

I\'m using Forms Authentication. I ha

Answer 1

For A you will want to set the session timeout variable to however long you want the user to stay logged in for The Timeout property specifies the time-out period assigned to the Session object for the application, in minutes. If the user does not refresh or request a page within the time-out period, the session ends.

For part B I would suggest storing that value in a session variable(or cookie but that doesn't reside on the server) and checking for that value in the Session_End event in the global.asax file. If it is set then renew the session.

The Session_End event doesn't fire when the browser is closed, it fires when the server hasn't gotten a request from the user in a specific time period (by default 20 minutes).