You can specify whether the cookie that is used to cache role names is periodically reset or expired at a fixed point in time by using the cookieSlidingExpiration attribute in the Web.config file for your ASP.NET application. If true, the cookie expiration is initially set to the current date and time plus the RoleManagerSection.CookieTimeout property, in minutes. While the user continues to actively use the ASP.NET application, the expiration date and time of the cookie is automatically refreshed, if there is less than half of the RoleManagerSection.CookieTimeout remaining. The default is true.