Session Expired

Discussion in 'ASP.NET / ASP.NET Core' started by salimudheen, Sep 5, 2009.

  1. Hi,

    I have hosted asp.net site in to the DiscountAsp.net. Even the site is working well i have problem in session expired.
    After login i keep some user details in Session object. For each page i have check the session has the value, if not then i redirect the page to the login page.
    Below is the Session information in web.config file.
    Code:
    <!-- 
    <sessionState mode="InProc"  cookieless="false" timeout="1440" stateConnectionString ="tcpip=127.0.0.1:42424" sqlConnectionString="XXX;User ID=YYY;Password=ZZZ;Connect Timeout=0"/>
    -->
    <sessionState mode="SQLServer" allowCustomSqlDatabase = "true" 
    sqlConnectionString="XXX;User ID=YYY;Password=ZZZ;Connect Timeout=0"
    cookieless="false" 	timeout="1440"/>
    And also i set the Authentication mode in web.config file.
    Code:
    <!-- 
    <authentication mode ="None"/>
    -->
    <authentication mode ="Forms" >
    <forms name =".ASPXAUTH" protection ="None" timeout ="1440" loginUrl ="~/Login.aspx"></forms>
    </authentication>
    But in few clicks the session has expired immediately. I tried commented line also.
    I already got ticket for this issue in DiscountAsp.net. They suggest to set the forms protection property to none. I tried this also. But i got the same problem still.

    Please anyone can help this problem.

    Thanks in advance.

    Salim.
     
  2. You could try:

    • Adding the slidingExpiration="true" attribute to the forms element. In .NET 1.1 this attribute is true by default, in .NET 2.0 is false by default and true by default for .NET 3.5. Microsoft have changed direction on the default value for this attribute a number of times and definitely the safest way to use it is to explicitly set the value.
    • Lowering the timeout limits you have on your forms and session elements to something lower just for test purposes e.g. 30. Although your current values are nowhere near the theoretical limits I think this is a worthwhile test in a shared hosting environment.
    • Changing the cookieless attribute of the sessionState element to cookieless="UseCookies". UseCookies is the default value for this attribute but you currently have it set to "false".
     

Share This Page