Setting Session State timeouts

Hey. For lower security situations, like a home shopping site used from a
secure home environment, how long should the session timeout be? I'd like
people
to be able to take all day to shop if they want- I wonder if they should
have to log in
again every half hour of inactivity. I guess you would burden the server too
much if the
session state was much over 20 minutes ...

Cheers
Justin DutoitJustin,

Going more than 20 minutes could certainly be difficult for the server
(depending on what kind of setup of course). Why not look into going
sessionless?

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
"Justin Dutoit" <anon@.anon.com> wrote in message
news:eQH$f3HXDHA.2476@.tk2msftngp13.phx.gbl...
> Hey. For lower security situations, like a home shopping site used from a
> secure home environment, how long should the session timeout be? I'd like
> people
> to be able to take all day to shop if they want- I wonder if they should
> have to log in
> again every half hour of inactivity. I guess you would burden the server
too
> much if the
> session state was much over 20 minutes ...
> Cheers
> Justin Dutoit
>