如何在sharepoint 2013表单身份验证中的一段时间（15分钟）后进行会话超时？ [英] How to make a session timeout after a time (15 minutes) in sharepoint 2013 forms authentication?

问题描述

假设我们拥有SharePoint 2013网站并使用Windows和表单身份验证。

如果只进行表单身份验证，如何在一段时间（15分钟）后进行会话超时？

我在网络配置文件中设置会话状态的超时属性但没有任何反应

所以任何推荐？



我尝试过：



我在网络配置文件中设置会话状态的超时属性但没有任何反复

更清晰它是一个ASP.NET SessionState SQL Server模式和超时超时不起作用

Lets say we have SharePoint 2013 site and using windows and forms authentication.
How to make a session timeout after a time (15 minutes) in case of forms authentication only?
I set "timeout" property of the session state in web config file but nothing happen
So any recommendation?

What I have tried:

I set "timeout" property of the session state in web config file but nothing happen
for more clearence it is an ASP.NET SessionState SQL Server mode and time out timeout doesn't work

推荐答案

如果你设置超时属性，它不会更改会话有效期，然后检查您的网络托管服务 - 许多便宜的设置会话持续时间上限（通常约5分钟），以减少资源使用。当他们这样做时，你设置的超时值被忽略。



你可以说服他们延长超时，但如果没有，那么你需要更改主机，或切换到Cookies而不是会话 - 它们存储在客户端，并且可以给予更长的持续时间。

If you set the timeout property and it doesn't change the Session validity duration, then start by checking your web hosting service - many of the cheaper ones set a session duration cap (typically around 5 minutes) to reduce resource usage. When they do this, the timeout value you set is ignored.

You may be able to persuade them to extend the timeout, but if not, then you need to either change hosts, or switch to Cookies instead of Session - they are stored at the client and can be given a much longer duration.

It really depends on the desired functionality you're looking for. I'm going to assume you're using FormsAuthentication.

There's two separate things you need to be concerned about: the Session and the FormsAuthentication cookie. Unless I'm mistaken, both of these have separate timeouts.

If the problem you're having is that the session is timed out but the user still is authenticated, you could try a combination of the following:

1: Making sure the authentication cookie has the same timeout value as the session:

<authentication mode="Forms"><forms ... timeout="20" ... ><authentication>
<sessionState ... timeout="20" ... />
2: In your Page_Load event, check if the session has timed out:

if (context.Session != null && Context.Session.IsNewSession == true &&
    Page.Request.Headers["Cookie"] != null &&
    Page.Request.Headers["Cookie"].IndexOf("ASP.NET_SessionId") >= 0)
{
    // session has timed out, log out the user
    if (Page.Request.IsAuthenticated)
    {
        FormsAuthentication.SignOut();
    }
    // redirect to timeout page
    Page.Response.Redirect("/Timeout.aspx");
}

我的参考

asp.net - 如何注销用户当会话超时或结束时 - Stack Overflow [ ^ ]

这篇关于如何在sharepoint 2013表单身份验证中的一段时间（15分钟）后进行会话超时？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！