Want to work with us? We're on the lookout for digital experts.

We're hiring

Application Idle Timeout Issue IIS 7.5

Web Bureau

03 September 2012 by Web Bureau

I previously posted on the Session State Cookie Timeout setting – see

There is also a setting in the Application Pool you should be aware of.

If you go to the Advanced Settings of the Application Pool under Process Model there is a setting Idle Time-out (minutes). By default this is set to 5 which means it basically clears the forms authentication cookie if there hasn't been any activity for longer than 5 minutes. If you change this to whatever time period you want the cookie to stay active.


Configure forms authentication not to expire when app pool recycled

It appears the forms authentication ticket is encrypted by the machine key.  When the App Pool restarts after the idle time it creates a new machine key so the ticket becomes invalid. The solution is to set a static machine key in the web config -

You would use this if you were wanting to allow someone to log in for a long period of time and I think it would come into play if you used a tickbox to say keep me logged in and set the forms authentication to persistent.

Grow your businessStart a project with us today.

This site uses essential cookies for parts of the site to operate and have already been set. Find out more about how we use cookies and how you may delete them. You may delete cookies, but parts of the site will not work.