My MVC 5 site has web.config like this:
<authentication mode="Forms">
<forms name=".ADAuthCookie" loginUrl="~/Account/Login"
timeout="2880" slidingExpiration="true" protection="All" />
</authentication>
but timeout doesn't work. It doesn't matter what value I give here, it always expires after 20-30 mins. How can I maintain users logged in for longer period or until they sign-out?
Is there any way I can achieve this using "In-Proc" only? Or I am missing something here?
You are dealing with two separate issues, auth timeout and session timeout. Session timeout is controlled by the following key in web.config...
<system.web>
<sessionState mode="InProc" timeout="30" />
</system.web>
I'm not sure which you are encountering but I suspect it is the session timeout you are encountering rather than the authentication timeout... Try removing the timeout from your forms tag entirely and see if that gives you what you are looking for.
More information here- forms timeout issue in asp.net mvc