Hi,
I am supporting a asp.net we app. In the web.config file, currently the session timeout is set as 20 minutes, Form Authentication timeout is set at 20 minutes, and <roleManager ...> the CookieTimeOut is set as 30 minutes.
I need to set the session timeout much longer due to a new added function. Say I now set the session timeout to be 120 minutes; I will also increase the Form Authentication timeout to be 120 minutes.
My question is: should I increase the CookieTimeOut value as well? Should it be set to at least 120 minutes?
Thanks,
Claudia