My users are frequently being logged out with 'Session has Expired'
When a user connects to LobbyCentral, a Session token is created. This token is valid for 720 minutes or 12 hours.
If the token is destroyed, LobbyCentral will send the user back to the login screen.
IIS maintains session tokens in memory.
Session tokens are destroyed in one of the following ways:
- IIS Idle Time-Out Setting. By default, IIS (Windows web server) sets the Idle Time-out to 20 minutes. If a user is idle for more than 20 minutes (no activity within LobbyCentral), the session token is destroyed.
- Web server service is restarted
- Web server is rebooted
- User restarts the computer or closes the web browser.
- User opens multiple browser windows and logs out of LobbyCentral in one browser. If two browser windows are open and both are logged into LobbyCentral, logging out of one will destroy the session token for both.
- Low memory. IIS will recycle application pools to reclaim memory, which destroys session tokens.
- Other server issues
It is not recommended that users maintain multiple session of LobbyCentral on the same computer.
Solution #1 Check Idle Time-Out Setting in IIS
- On the web server, open IIS
- Click Application Pools
- Click LobbyCentral
- Under Actions, click Advanced Settings
- Scroll down to the Process Model section
- Verify or change Idle Time-Out to 720
- Click OK
Solution #2 Switch from In-Memory to Persistent Session State storage using SQL Server (Recommended)
Storing session state in SQL Server eliminates session log outs due to memory issues and web server restarts. This is because the session token is stored in a SQL database and not in memory. As long as the user maintains the same browser, state will be maintained.
Note that this does not resolve the issue of multiple browser windows.
Please review the article Setting up Persistent SQL Storage for instructions on switching to persisted session state.