I am creating a mvc4 application and here I am creating a cookie to give a user access to various pages depending on their roles and things. but I have different doubt. Instead of logging off people generally tend to close the browser window. So, I made the cookie not store any of the data from the login when that happens (or I think thats what happens, according to the blogs and answers Ive read so far!)
I only want 10 users to access that site at one time. So when the user closes the browser or when the session ends I want it to execute the LogOff function that keeps track of the number of people logged in and opens up that port session for use by someone else.
I tried adding session_end in the global.asax page and it just never seems to get there. and for testing purposes I had it expiring in a minutes time. But it does however go to the Session_start in the same global.asax page.
Any idea as to how I can get this to work?
This is what I had to do (hoping its not silly!):
In the web.config, needed to add the timeout here to trigger session_end
<system.web>
<sessionState mode ="InProc" timeout="10"/>
</system.web>
Although, in the same web.config there is a timeout here, i dont know where it goes.
<authentication mode="Forms">
<forms loginUrl="/SiteUsers/Logon" timeout="10" />
</authentication>
If you guys have other ways to get around this, please do tell me, im all ears! Im still in the trying and testing everything phase so any help will be much appreciated :)
Thanks guys! hope this helps solve someones problem.
Related
I am changing session state in:
<sessionState cookieName="myCookieName" />
It changed correctly, but one issue I am facing is default the "ASP.NET_SessionId" is also showing.
I didn't understand what I am going wrong. How can I fix this?
<system.web>
<sessionState cookieName="foo" />
</system.web>
I need only to show a cookie named foo. I don't want to show "ASP.NET_SessionId".
Maybe it's just a cache issue. Try to delete the cookie in the browser.
Then log in again, and see if it appears again...
I know there are a lot of questions on this topic and I have read them all.
I'm using IIS8, .Net 4.5.
Users randomly get an invalid viewstate error, I can't figure it out. Once this happens the only way they can get back into the site is to clear browser cache.
In my web.config I have:
<system.web>
<machineKey validationKey='....key here' decryptionKey='....decrypt key is valid here' validation='SHA1'/>
<!--<hostingEnvironment shadowCopyBinAssemblies="false" />-->
<authentication mode="None" />
<compilation targetFramework="4.5.1" />
<httpRuntime targetFramework="4.5.1" />
...
</system.web>
I'm running on a virtual private server, and I've yet to find a viewstate larger than 9kb.
My application pool is set to restart at 3:00am, once per day.
My page uses update panels, maybe the user is clicking 'back'? But I've seen it happen just visiting the page with no clicking back.
One thing I noticed is I have 3 different sites using the same application pool identity, but the application pools are seperate. There is no machine keys in machine.xml, but only in my web.config.
A couple of possibilities to investigate:
Update panels are changing form field values (which are what is used to compute ViewState), then the page gets POSTed back to the server, where the new values make validation fail. See this post
You have caching enabled (perform a trace of HTTP headers - make sure you don't have dev tools open) which is causing invalid ViewState to be generated w/ UpdatePanel gumming things up.
Are you using Server.Execute anywhere? (see above link for same)
(less likely) Does your "Virtual Private Server" get migrated to different hardware (perhaps without you knowing it)?
I have an aspx page with a few textboxes and a submit button.
Once the submit button is clicked an xml file is created from the table/textboxes on the screen.
That works fine if doing it right away but if you click the button after 20 mins or so the page errors out.
I have:
<location path="Default.aspx">
<system.web>
<httpRuntime executionTimeout="1000000000"/>
</system.web>
</location>
in web.config and <asp:ScriptManager ID="ScriptManager1" runat="server" AsyncPostBackTimeout="1000000000" /> on the aspx page but it still times out after around 20 mins or so.
What am I missing?
Default session time is 20mins Msdn
Here is one of the way
1.http://weblogs.asp.net/stevewellens/archive/2009/06/09/ah-ah-ah-ah-staying-alive-staying-alive.aspx
Check this Solution
2.how to avoid session timeout in web.config
3.https://stackoverflow.com/a/412502/1053241
In your web.config you more than likely have
<sessionState timeout="20"></sessionState>
You shouldn't really extend your session timeout beyond this though
How to set session timeout more than 20 min.?
This post explains all the relevant places to check your session timeout
Also when you come to deploy your application remember to check the IIS timeout configuration
Maybe the Session is over, Try to set the SessionTimeOut, or write a JavaScript function to send an AJAX request time by time to keep the Session alive.
But I really don't think you're on the right way with that, if the Session is over you should redirect to the login page.
Here is a good example to keep a session alive: http://www.dotnetcurry.com/ShowArticle.aspx?ID=453
Also rather than extending your session you could just warn the users that they are about to be timed out of the system and ask them if you wish to continue using the site
http://programmerramblings.blogspot.co.uk/2011/07/aspnet-session-timeout-control-with.html
This control lets you do that
I am setting this at individual page and button click event. Seems to do the trick if you do not want a application wide timeout change in config.
HttpContext.Current.Server.ScriptTimeout = 90000;
I set sessiontimeout in web.config file like following.
<sessionState timeout="120"
cookieless="false"
mode="InProc"
/>
Some times above code working fine.But many times session expired after 10 to 15 minutes automatically.
and this errors exists in every browser.
when i run same application using .net on my local computer it working fine.
Please note that, i haven't create global.ascx file yet.
Sessions will also be reset when the application recycles. This will happen when you change some things in the site, like change anything in the "bin" folder or modify the "web.config" file.
Also IIS may stop or recycle applications that it thinks are not used at the moment.
Are you sure you want to keep everything in memory for two hours, even after the user left? Better ways to keep the session alive would be to use some regular (every few minutes) AJAX callback. Search for "session keep alive asp.net ajax".
Have you verified the session timeout the app is ending up with? Do a response.write of Session.Timeout. This value can be set in several places.
How do you know the user is being active? The session will time out if he's only typing text, scrolling, and/or reading for lengths of time greater than the timeout value. The browser must invoke a HTTP request to the server to reset the timer.
As Hans mentioned, a background script-based "pinger" set to run at interval to access minimal web content will help.
Considering I'm about to start yet another web application, and I seem to need to add this functionality to most web apps, I was inspired to create a little package called Keep Me Alive to speed this process up in the future. You can find it here:
http://kma.codeplex.com/
Hope it helps!
I have something strange going on with our session state.
Our ASP.NET C# application has a session timeout of 10 min, but it seems to be losing session state when redirecting between pages.
So, we set out session value, and redirect to the next step,
Session["temp"] = "somevalue";
Response.Redirect("page2.aspx");
At the top of page2, we check the session value, and if it's not there, redirect back to the start (the code below is the first on Page_Load):
if (Session["temp"] == null)
{
Response.Redirect("start.aspx");
}
The issue is it keeps on doing this redirect, even though the session should not have timed out.
I have checked the config file, and it has a machinekey, as I have been informed that this can sometimes causes issues if it's not there.
Is there something else that could be causing us to lose the session?
Depending how your session's configured, cookie problems can cause you to lose session. As can switching domains / switching between http and https.
And as an aside, if you're connecting over a mobile connection, all sorts of horrible things can happen to your cookies...
Disabled Coockies may be issue. You can also create brand new application (with default web.config without any change) with single page and test it. This will tell you whether the problem is application specific or server specific.
try to add to system.webServer -> modules section in web.config next lines:
<remove name="Session" />
<add name="Session" type="System.Web.SessionState.SessionStateModule" />