Cookie problem Sessionid get doubled

Discussion in 'ASP General' started by Christoph Pieper, May 27, 2005.

  1. Hi,

    we've the following problem :

    We have an asp-application which sets the cookie on first login. The cookie
    will never be touched during user access. The user can work the whole day,
    but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    overwriting the very first entries in the cookie. Does anyone had the same
    problem or has a solution. The server is a w2003 enterprise the client has
    windows xp sp2.

    Regards

    Christoph
    Christoph Pieper, May 27, 2005
    #1
    1. Advertising

  2. What are you storing in the cookie? I don't really understand what you're
    saying here with the cookie getting 2-4 session IDs.

    Ray at work

    "Christoph Pieper" <> wrote in
    message news:...
    > Hi,
    >
    > we've the following problem :
    >
    > We have an asp-application which sets the cookie on first login. The

    cookie
    > will never be touched during user access. The user can work the whole day,
    > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    > overwriting the very first entries in the cookie. Does anyone had the same
    > problem or has a solution. The server is a w2003 enterprise the client

    has
    > windows xp sp2.
    >
    > Regards
    >
    > Christoph
    Ray Costanzo [MVP], May 27, 2005
    #2
    1. Advertising

  3. Hi,

    we store here the user login data , and other important data. this data will
    be cleaned out if we get the 3 or 4 new sessionids (and we don't know how
    they get there, 'cause we only read the data on a session timeout). so if we
    get a session timeout, we could read the data from the cookie again and
    restore the session.

    Regards

    Christoph

    "Ray Costanzo [MVP]" wrote:

    > What are you storing in the cookie? I don't really understand what you're
    > saying here with the cookie getting 2-4 session IDs.
    >
    > Ray at work
    >
    > "Christoph Pieper" <> wrote in
    > message news:...
    > > Hi,
    > >
    > > we've the following problem :
    > >
    > > We have an asp-application which sets the cookie on first login. The

    > cookie
    > > will never be touched during user access. The user can work the whole day,
    > > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    > > overwriting the very first entries in the cookie. Does anyone had the same
    > > problem or has a solution. The server is a w2003 enterprise the client

    > has
    > > windows xp sp2.
    > >
    > > Regards
    > >
    > > Christoph

    >
    >
    >
    Christoph Pieper, May 27, 2005
    #3
  4. the way your explaining it does not make sense


    "Christoph Pieper" <> wrote in
    message news:...
    > Hi,
    >
    > we've the following problem :
    >
    > We have an asp-application which sets the cookie on first login. The
    > cookie
    > will never be touched during user access. The user can work the whole day,
    > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    > overwriting the very first entries in the cookie. Does anyone had the same
    > problem or has a solution. The server is a w2003 enterprise the client
    > has
    > windows xp sp2.
    >
    > Regards
    >
    > Christoph
    Kyle Peterson, May 27, 2005
    #4
  5. Christoph Pieper

    Mark Schupp Guest

    Do you mean ASP session ids (as in Session.SessionID). That ID will only
    change if the browser fails to send the session cookie. IIS will then
    generate a new one. It should have no effect on your cookie unless you reset
    your cookie data when a new ASP session starts.

    Is your cookie a disk cookie (has an expiration date) or a memory cookie (no
    expiration date)?

    --
    --Mark Schupp


    "Christoph Pieper" <> wrote in
    message news:...
    > Hi,
    >
    > we store here the user login data , and other important data. this data
    > will
    > be cleaned out if we get the 3 or 4 new sessionids (and we don't know how
    > they get there, 'cause we only read the data on a session timeout). so if
    > we
    > get a session timeout, we could read the data from the cookie again and
    > restore the session.
    >
    > Regards
    >
    > Christoph
    >
    > "Ray Costanzo [MVP]" wrote:
    >
    >> What are you storing in the cookie? I don't really understand what
    >> you're
    >> saying here with the cookie getting 2-4 session IDs.
    >>
    >> Ray at work
    >>
    >> "Christoph Pieper" <> wrote in
    >> message news:...
    >> > Hi,
    >> >
    >> > we've the following problem :
    >> >
    >> > We have an asp-application which sets the cookie on first login. The

    >> cookie
    >> > will never be touched during user access. The user can work the whole
    >> > day,
    >> > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    >> > overwriting the very first entries in the cookie. Does anyone had the
    >> > same
    >> > problem or has a solution. The server is a w2003 enterprise the client

    >> has
    >> > windows xp sp2.
    >> >
    >> > Regards
    >> >
    >> > Christoph

    >>
    >>
    >>
    Mark Schupp, May 27, 2005
    #5
  6. Hi Mark,

    thx for your reply. Yes the sessionID (session.sessionid) is changing and is
    written in addition into the cookie. How can this happen since we do only
    create in one time. the session does not terminate, and we do not access the
    cookie again (tested). Why should the browser fail to send the session cookie
    ? the cookie has an expiration date of 24hours from login on.

    regards

    christoph

    "Mark Schupp" wrote:

    > Do you mean ASP session ids (as in Session.SessionID). That ID will only
    > change if the browser fails to send the session cookie. IIS will then
    > generate a new one. It should have no effect on your cookie unless you reset
    > your cookie data when a new ASP session starts.
    >
    > Is your cookie a disk cookie (has an expiration date) or a memory cookie (no
    > expiration date)?
    >
    > --
    > --Mark Schupp
    >
    >
    > "Christoph Pieper" <> wrote in
    > message news:...
    > > Hi,
    > >
    > > we store here the user login data , and other important data. this data
    > > will
    > > be cleaned out if we get the 3 or 4 new sessionids (and we don't know how
    > > they get there, 'cause we only read the data on a session timeout). so if
    > > we
    > > get a session timeout, we could read the data from the cookie again and
    > > restore the session.
    > >
    > > Regards
    > >
    > > Christoph
    > >
    > > "Ray Costanzo [MVP]" wrote:
    > >
    > >> What are you storing in the cookie? I don't really understand what
    > >> you're
    > >> saying here with the cookie getting 2-4 session IDs.
    > >>
    > >> Ray at work
    > >>
    > >> "Christoph Pieper" <> wrote in
    > >> message news:...
    > >> > Hi,
    > >> >
    > >> > we've the following problem :
    > >> >
    > >> > We have an asp-application which sets the cookie on first login. The
    > >> cookie
    > >> > will never be touched during user access. The user can work the whole
    > >> > day,
    > >> > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    > >> > overwriting the very first entries in the cookie. Does anyone had the
    > >> > same
    > >> > problem or has a solution. The server is a w2003 enterprise the client
    > >> has
    > >> > windows xp sp2.
    > >> >
    > >> > Regards
    > >> >
    > >> > Christoph
    > >>
    > >>
    > >>

    >
    >
    >
    Christoph Pieper, May 27, 2005
    #6
  7. "Christoph Pieper" <> wrote in
    message news:...
    > Hi Mark,
    >
    > thx for your reply. Yes the sessionID (session.sessionid) is changing and
    > is
    > written in addition into the cookie. How can this happen since we do only
    > create in one time. the session does not terminate, and we do not access
    > the
    > cookie again (tested). Why should the browser fail to send the session
    > cookie
    > ? the cookie has an expiration date of 24hours from login on.


    You said you don't access the cookie until the session has timed out. At
    that point the session ID is invalid to IIS, so it generates another ID for
    the new session. The cookie doesn't expire for 24 hours, but the default
    ASP session timeout is 20 minutes. So IE is sending all of the session ids
    along with the rest of the cookie, it's just that all but one are no longer
    meaningful to the server.

    If you had a way to to tell which sessionid was older, you might be able to
    set the expired one to zero length. Or, when you detect that you've
    accumulated too much sessionid baggage, you could expire the cookie, post
    the info back to yourself (like with a refresh pragma, or by emitting some
    client script) and then create a new cookie out of the info you posted to
    yourself.


    -Mark




    > regards
    >
    > christoph
    >
    > "Mark Schupp" wrote:
    >
    >> Do you mean ASP session ids (as in Session.SessionID). That ID will only
    >> change if the browser fails to send the session cookie. IIS will then
    >> generate a new one. It should have no effect on your cookie unless you
    >> reset
    >> your cookie data when a new ASP session starts.
    >>
    >> Is your cookie a disk cookie (has an expiration date) or a memory cookie
    >> (no
    >> expiration date)?
    >>
    >> --
    >> --Mark Schupp
    >>
    >>
    >> "Christoph Pieper" <> wrote in
    >> message news:...
    >> > Hi,
    >> >
    >> > we store here the user login data , and other important data. this data
    >> > will
    >> > be cleaned out if we get the 3 or 4 new sessionids (and we don't know
    >> > how
    >> > they get there, 'cause we only read the data on a session timeout). so
    >> > if
    >> > we
    >> > get a session timeout, we could read the data from the cookie again and
    >> > restore the session.
    >> >
    >> > Regards
    >> >
    >> > Christoph
    >> >
    >> > "Ray Costanzo [MVP]" wrote:
    >> >
    >> >> What are you storing in the cookie? I don't really understand what
    >> >> you're
    >> >> saying here with the cookie getting 2-4 session IDs.
    >> >>
    >> >> Ray at work
    >> >>
    >> >> "Christoph Pieper" <> wrote
    >> >> in
    >> >> message news:...
    >> >> > Hi,
    >> >> >
    >> >> > we've the following problem :
    >> >> >
    >> >> > We have an asp-application which sets the cookie on first login. The
    >> >> cookie
    >> >> > will never be touched during user access. The user can work the
    >> >> > whole
    >> >> > day,
    >> >> > but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
    >> >> > overwriting the very first entries in the cookie. Does anyone had
    >> >> > the
    >> >> > same
    >> >> > problem or has a solution. The server is a w2003 enterprise the
    >> >> > client
    >> >> has
    >> >> > windows xp sp2.
    >> >> >
    >> >> > Regards
    >> >> >
    >> >> > Christoph
    >> >>
    >> >>
    >> >>

    >>
    >>
    >>
    Mark J. McGinty, May 27, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ronald
    Replies:
    6
    Views:
    6,869
    Andy Mortimer [MS]
    Feb 23, 2004
  2. =?Utf-8?B?R3JpZGxvY2s=?=

    Reading Cookies only returning SessionId cookie

    =?Utf-8?B?R3JpZGxvY2s=?=, Dec 19, 2005, in forum: ASP .Net
    Replies:
    4
    Views:
    460
    =?Utf-8?B?R3JpZGxvY2s=?=
    Dec 20, 2005
  3. Torsten Bronger
    Replies:
    1
    Views:
    284
    Torsten Bronger
    Jun 25, 2005
  4. iotaivy
    Replies:
    0
    Views:
    130
    iotaivy
    Nov 10, 2005
  5. markspace

    Browser history doubled, back button busted

    markspace, Jul 3, 2009, in forum: Javascript
    Replies:
    2
    Views:
    101
    markspace
    Jul 4, 2009
Loading...

Share This Page