Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / Languages / C# / October 2007

Tip: Looking for answers? Try searching our database.

Session Expiry - the session expired after a number of hours of inactivity, although Session Expiry was set to 24 hours

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
fijsolam1981@gmail.com - 24 Oct 2007 05:52 GMT
Hi,
I had created a web application where Session expiry was set to 2,000
minutes in IIS. in web config i had given like this
<sessionState timeout="2,000" mode="InProc"></sessionState> but MY web
application was left logged in at 18:00 15th Oct, but on the following
day 08:30 16th Oct, the session expired as soon as MY web application
was used. It was also noted that during the day,  MY web application
occasionally got session expiry when it was constantly being used.Does
the session expiry need to be set up anywhere else?  There are no
Error logs created.
Will you please help me to resolve this issue. i expect your reply
soon .

With Thanks
Fijo Francis T
Reply to this Message
Alberto Poblacion - 24 Oct 2007 07:28 GMT
> I had created a web application where Session expiry was set to 2,000
> minutes in IIS. in web config i had given like this
[quoted text clipped - 3 lines]
> the session expiry need to be set up anywhere else?  There are no
> Error logs created.

  Have you tried writing timeout="2000" instead of timeout="2,000"? I think
that the parser may be getting confused by the comma and setting a timeout
of 2 minutes instead of 2000 minutes as you intended. You can check if this
is the case by examining the Session.Timeout property somewhere in your
code.
Reply to this Message
Peter Bromberg [C# MVP] - 24 Oct 2007 12:31 GMT
The IIS setting (at least in 6.0) applies only to Classic ASP, not ASP.NET.
When IIS recycles your app (which can occur many times during the day
depending on memory pressure and ISS settings for same), your InProc sessions
will go away.
Normally there is no need to set such a long Session Timeout as it has a
sliding expiration that "renews" the timeout whenever there is a request for
a page. In addition, it can pose a real security risk. The best thing to do
is not rely on Session at all, depending on what your needs are.
Finally, this is the C# language group - your post really belongs at the
ASP.NET group - it is not language specific but more about which framework.
-- Peter
Recursion: see Recursion
site:  http://www.eggheadcafe.com
unBlog:  http://petesbloggerama.blogspot.com
BlogMetaFinder:    http://www.blogmetafinder.com

> Hi,
> I had created a web application where Session expiry was set to 2,000
[quoted text clipped - 11 lines]
> With Thanks
> Fijo Francis T
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.