We are running a web application with both secure and public pages.We are encountering sporadic problems where we have valid users entering the secure pages but being "kicked-out" after a couple of seconds. Apparently, after a few seconds session variables are lost and hencethey arenot being recognized as valid because they are not being authenticated properly. For the secure pages, we authenticate using session variables - i.e. if valid username & passworrd { Session["LoggedIn"] = true;} else { Session["LoggedIn"] = false;} Initial investigation showed that these users are running Linux. Has anyone encountered this problem? Any suggestions?
hmmm... so same thing doesn't happen when you use Windows platform? this is very strange indeed. Bruce DiscountASP.NET www.DiscountASP.NET
Is is possible their webbrowser doesn't support cookies? or they are denying the authentication cookie? Joel Thoms DiscountASP.NET http://www.DiscountASP.NET
Are you positive this only happens on non-Windows machines? That sounds pretty strange. Here are a few ideas: 1. Maybe the Windows machines are automatically doing windows authentication and your Session variable isn't coming into play? 2. I think it's more likely that those Session variables are just being discarded more arbitrarily. This can happen when the server needs to reclaim memory or the ASP.NET worker process recycles. If you are banking on that Session variable being persistent, you may want to consider the SqlServer session state mode (It incurs about a 25% performance hit over keeping the Session in memory, but you can have more control over its persistence). You may also want to consider abandoning the Session all together to track authentication. I think the more commonly prescribed method is to use cookies. Check out this tutorial: msdn2.microsoft.com/en-us/library/aa480476.aspx
