Hi, I've got a web application that uses Membership Provider to handle user accounts, permissions, roles and more. I login to the web app, and start playing around, then leave the page intact for say, more that 20 minutes and then click on the navigation bar to navigate to another page. As soon as the 20 minutes time elapses (from the last activity), I'll be redirected to the Login page. i.e., the Worker Process is recycled after 20 minutes and the session state is lost... So I bought another database from discountasp.net to manage session states out of process, say in sql server. It's now set up and I was happy that everything will work as expected. However, I've noticed that the 20 minutes time out is still in effect. Here's the sessionState element from the web.config file: <sessionState mode="SQLServer" allowCustomSqlDatabase="true" sqlConnectionString="Database=mydbname;Server=the_server_address;User ID=the_user_id;Password=the_password" cookieless="false" timeout="120"/> I'm sure that it's being set up correctly, since I traced to see whether the session info is created in corresponding tables, and yes, they do. and here's the authentication element from the web.config file (just in case): <authentication mode="Forms"> <forms loginUrl="/Security/Login.aspx" timeout="120" slidingExpiration="true"></forms> </authentication> I just even traced the Session.Timeout value and it indicates the 120 minutes, as expected. So I'm lost in the middle of nowhere. The process is recycled in 20 minutes and the session state is kept out of process. The question is why the heck the page is redirected to the login page. Any help would be highly appreciated, TIA, Mehdi
are you losing session variable or login status? membership provider do not use session to keep track of login status.
The login status, I believe. However, as I've mentioned the authentication element is also configured as follows: <authentication mode="Forms"> <forms loginUrl="/Security/Login.aspx" timeout="120" slidingExpiration="true"></forms> </authentication> So why the heck the "login status" should be lost? Thank you for your time. Mehdi Yes, I lose the login status! But it's kept in cookies, and that's there when the user is redirected to the login page. Any idea?
The problem is a machineKey regeneration when the process is recycled or stopped Use your own machine key should fix the problem see http://forum.discountasp.net/showthread.php?t=2719
