We have an ASP.NET application running on a web hosting server so we exercise no control over the server.

When a user logs in to the application, it creates an object in which is stored certain data items. This object is maintained in the Session State. The first thing a page does when loaded is to check for this object in the Session State. If the object exists it is accessed from Session and the user is allowed to continue. If the object is not found in Session, the user is redirected to the Login page under assumption that the user's session had timed out or they had tried to hit the page without logging in.

For testing purposes, the Timeout in Web.config was set to 20 minutes. We are seeing random times when the user is redirected to the Login page long before the timeout should have expired. It seems to have no pattern to it. Development was done on this application on two separate machines, neither of which exhibited this behavior during development and testing. At this point we do not know whether it is a timing out issue or if the object in Session State is being removed/destroyed for some unknown reason.

Has anyone seen this kind of behavior and what could be the cause and cure for it?

Thanks,
Bill