Unfortunately, integrated Windows authentication is not designed to work that way, so there isn't a really clean way to accomplish that.

Forms authentication typically supports things like idle timeout, but with it you lose the SSO experience.

Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
"AM" <AM@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:7C5F5C06-7A2C-4D84-875E-A1F7945B8799@xxxxxxxxxxxxxxxx
Hi All,
I know this question has been posted many times in this group and I did went
through and implemented the solution in my ASP.Net 2.0 Internet facing

I am using
IIS for integrated authentication
and ASP.NET for Windows authentication (<authentication mode="Windows" />)
as Dominick Suggested.
It works as expected, I sign into one app and I can go to my app2 and I am
already logged in

My Apps are set as follow

I am able to navigate to all 3 apps, back and forth without any issue.
The problem is my data is very sensitive, I want to make sure that once
users session times out after 15 minutes of inactivity the authentication
should be timed out too, meaning after 15 minutes of inactivity all my
session are cleared and I want user to be asked to re-login after sesson

In this case even after one hour of inactivity user can click on menu and it
will not ask him to relogin.
Is there any setting at AD level that I can set?

I am open for any other suggestion which does not require any form of cookies.