Iron Speed Designer-applications automatically log out application users after a period of inactivity. This feature guards against identity theft that can occur when a user leaves their web browser open to an application, and an unauthorized person uses that browser to extract identity information or perform transactions in the application.
After a period of inactivity, 30 minutes by default, the application user is prompted to sign in again to reaffirm their identity. You can change this default setting by adjusting the Timeout parameter in the SessionState section of your application’s Web.config file.
<SessionState
....
Timeout=’30’
/>
Set Timeout to the number of minutes after which the application should sign out the user.
Configuring Application Security
Step 1: Select Application Security Type
Step 2: Enter Active Directory Connection String
Step 3: Select the User Table (Database Security)
Step 4: Select the Roles Table (Database Security)
Step 4: Select the Policy Store Role Provider (AzMan Security)
Step 4: Select the Roles (SharePoint Security)
Step 5: Assign Page Permissions
Step 6: Configure Individual Controls for Role-Based Security
Step 7: Configure the ForgotUser.aspx page
Administering Database Security at Run-Time
Displaying Data for Logged In Users