What is the difference between a session timeout and a connection timeout in IIS?

Web Server Setup Information

In Microsoft IIS 7.5 What is the difference between the following entry in the Session State Timeout (in minutes) :

Av02

And this setting in IIS 7.5 (Default web site > Advanced Settings > Connection Limits) :

Av01

My Two Cents: These are two different settings in IIS that control two different things.

1) The ASP.NET session state is a technology that lets you store server-side, user-specific data. Web applications use this data to process requests from the user for which the session state was instantiated. A session state user is identified by a session ID. The session ID is delivered by using one of the following methods:
a) The session ID is part of a cookie that is sent to the browser of the user.
b) The session ID is embedded in the URL. This technique is also known as a cookie-less session.
The session timeout in IIS is how long the session can live. This is across multiple connections and is set in minutes. So, when you walk away from your computer with a page open and come back after 20 minutes if the page has timed out and you don’t like that, the setting will need to be increased, and visa versa.

2) The Connection Timeout is how long a connection from a browser to the server should take till it times out. So, when the browser requests a page/image/resource, it is how long IIS should wait until it terminates the connection. The Connection Timeout is set in seconds.

Leave a Reply

Your email address will not be published. Required fields are marked *