-1

How can I implement these scenarios using forms authentication?

If the user is Inactive for 40mins, he has to be logged out completely.

Questions

  • How should I set Session timeout ?
  • How to Manage application timeout vs. session timeout?
Improve this question
0

1 Answer 1

Reset to default
0

If the user has to enter password; he is essentially logged out. You can set session timeout to 20.

However if you really want to differentiate between the two you can update session item with last time user made a request. Set the session time out to 40 minutes. At any given time if the session last update entry is older than 20 minutes ask him to enter password again.

See the following for executing code before every request in MVC

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

where should I write the code related to saving the Session["lastrequest"] in the application . and how should I assign the time to the Session["lastrequest"]

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.