cookie timeout

Hello,
>
I am developping some webpages where our PDA-user can access some
company information. Our webserver has asp.net 1.1 installed.
>
Users can login and access the information, after a period of non-
activity the session should expire and the user has to login again. I
tried to do this with the following web.config.
>
<configuratio n>
 <system.web>
    <sessionState timeout="20" />
    <authenticati on mode="Windows">
       <forms name=".Comapany Cookie" loginUrl="login .aspx" />
    </authentication>
    <authorizatio n>
       <deny users="?" />
    </authorization>
 </system.web>
</configuration>
>
When accessing the site there appears a pop-up and we can login.
However the session never expires. I was told this has something to do
with a persistent cookie that defaults to a timeout of 50 years.
>
What do I have to do get the time-out of 20 minutes.
>
Thanks,
>
John

On Oct 29, 11:36 am, jbhab...@gmail. com wrote:
>
>
>
>
>>>>>>>>>
When you have authentication mode set to "Windows" why do you need to
"login" user again? Your web.config file has forms attribute which is
for custom Forms-based authentication.
>
http://msdn.microsoft.com/en-us/library/532aee0e.aspx- Tekst uit oorspronkelijk bericht niet weergeven -
>
- Tekst uit oorspronkelijk bericht weergeven -

Hello Alexey,
>
I agree, ther forms attribute is not needed. A call to login.aspx is
never made since I changed from Forms to Windows. Windows
Authentication uses it's own pop-up window.
>
Problem is when used in there is no time-out, how can I change my code
so the specified time-out is used.
>
John
>
On 29 okt, 14:16, Alexey Smirnov <alexey.smir... @gmail.comwrote :
>>>>>>>>>>>>