Help! Why do my IE users get randomly logged off?

ASP.NET MVC 2.0, here's my auth code:

[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Login(string username, string password, string returnUrl) {
    if (ModelState.IsValid) {
        // Attempt to login
        var loginSuccessful = provider.ValidateUser(username, password);

        if (loginSuccessful) {
            FormsAuthentication.SetAuthCookie(username, true);
            if (!String.IsNullOrEmpty(returnUrl))
                return Redirect(returnUrl);


            return RedirectToAction("Index", "Home");

        }
    }
    return View(Language + "/Login", Vd);
}

Pretty much straight default authentication. Works fine for logging in. However, IE users get auto logged off randomly, even while they're 开发者_StackOverflowactive on the site. Other browsers work fine. Here's the forms auth from web.config:

<authentication mode="Forms">
    <forms loginUrl="~/en/Account/Login" timeout="2880"/>
</authentication>

Where do I begin to look in this case? Have I found a bug?

---

As far as I can see everything seems fine, however, could your issue be something to do with your use of a persistent cookie? I think persistent cookies are not meant to timeout, which is why you might be using them.

Try using a non-persistent one instead, and see if that works:

FormsAuthentication.SetAuthCookie(username, false);

Also, a few others notes of interest:

• I think that the timeout attribute in a web.config is specified in minutes. You've specified more than 2000 minutes.
• By default, sliding expiration is disabled, so after n minutes it will timeout anyway. If this isn't what you want, then add a slidingExpiration="true" entry onto your <forms/> element in the web.config.

---

What kind of session mode are you using-in process or out of process? If you are using in process with non-persistent cookie and the application pool recycles, then session is lost.