asp.net 2.0 会话超时
对于之前可能被问过的问题,我提前表示歉意。我有一个 asp.net 2.0 Web 应用程序,正在尝试设置会话超时。
我的第一次尝试是将其添加到 web.config 中。 < sessionState 模式=“InProc”超时=“300”>
用户会告诉我,闲置大约 20 分钟后,然后尝试在网站上再次执行某些操作,他们会被重定向回登录页面。
所以现在我正在尝试 我的
我还在我的 global.asax 中尝试了 Session.Timeout=60 。
这些应该有效吗?我还需要别的东西吗?感谢您的时间和帮助。
I apologize in advance for this likely being asked before. I have an asp.net 2.0 web application and am trying to set the session timeout.
My first attempt was to add this to the web.config.
< sessionState mode="InProc" timeout="300" >
Users would tell me though that after about 20 minutes of being idle and then trying to do something again on the site they'd be redirected back to the login page.
So now I'm trying
timeout="60" in my < forms tag in the web.config.
I also tried Session.Timeout=60 in my global.asax.
Should these work? Do I need something else? Thank you for your time and help.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
来自另一个论坛帖子。
From another forum post.
会话超时和身份验证超时是两个不同的事情。
访问您网站的任何用户都会获得一个会话,无论他们是否已登录。在指定的超时时间内处于非活动状态后,他们的会话就会消失,并在下次访问您的网站时为他们分配一个新会话。
表单身份验证使用 cookie 中的身份验证票证,该票证也有超时时间。如果身份验证超时短于会话超时,身份验证票证将过期,并且用户仍将被注销 - 但他们仍将拥有会话数据!
您需要在 web.config 中查找身份验证超时并调整它以匹配会话超时。
Session timeout and the authentication timeout are two separate things.
Any user that comes to your site gets a session, regardless of whether or not they've logged in. After they have been inactive for the specified timeout, their session is gone and they get assigned a new session the next time they hit your site.
Forms Authentication uses an authentication ticket in a cookie that also has a timeout. If the authentication timeout is shorter than the session timeout, the authentication ticket will expire and the users will still be logged out - but they'll still have their session data!
You need to look for the authentication timeout in your web.config and adjust it to match the session timeout.