Is SessionState timeout the same as login timeout

Discussion in 'ASP .Net' started by Randall Parker, Dec 6, 2005.

  1. Does the SessionState timeout field in Web.config control how long a logged in
    session will stay logged in?

    For example, I want my users to be able to log in once during their work day and for
    their log-ins to remain valid for 12 hours. Is this below the way to do it?

    <sessionState
    mode="InProc"
    stateConnectionString="tcpip=127.0.0.1:42424"
    sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
    cookieless="false"
    timeout="7200"
    />

    (ignore the stateConnectionString and sqlConnectionString which I do not even
    understand at this moment)

    Does the timeout="7200" mean 7200 seconds from the time of logging in that the
    Session object will be deleted from the ASP.Net server and hence that the user will
    no longer be logged on?

    Or, to put it another way: If the browser cookie lasts longer than the session object
    does the user have to log back in if the session object expires but the browser
    cookie still exists?

    I want to add some setting to the session object and/or browser cookie that control
    what fields are available on web pages based on what I find in a log-in database
    table record when I check the username and password. Can I add those fields to the
    cookie that gets created when the user logs in?
    Randall Parker, Dec 6, 2005
    #1
    1. Advertising

  2. Basically the session state means that the users session data will remain
    active for in your case 7200 seconds after the user's last request to the
    server.

    So for example:

    7200 = 12 Hours
    3600 = 6 hours
    60 = 1 hour

    I browse your web site @ 1am, I do nothing more and my session now does not
    expire until 1pm
    I browse your web site @ 1am and browse around until 2am, now your session
    does not expire until 2pm

    Session state is used when you want to store some details for the particular
    user:

    Something like this:

    Session["UserName"] = Chris
    Session["UserID"] = 1234

    So it is not a period of time after they logged in for example but the
    amount of time after the last request before those session variables are
    cleared from the servers memory.
    --

    Cheers

    Chris Crowe [IIS MVP 1997 -> 2006]
    http://blog.crowe.co.nz
    ------------------------------------------------


    "Randall Parker" <NOtechieSPAMpundit_please@future_avoidjunk_pundit.com>
    wrote in message news:e3xKwYj%...
    > Does the SessionState timeout field in Web.config control how long a
    > logged in session will stay logged in?
    >
    > For example, I want my users to be able to log in once during their work
    > day and for their log-ins to remain valid for 12 hours. Is this below the
    > way to do it?
    >
    > <sessionState
    > mode="InProc"
    > stateConnectionString="tcpip=127.0.0.1:42424"
    > sqlConnectionString="data
    > source=127.0.0.1;Trusted_Connection=yes"
    > cookieless="false"
    > timeout="7200"
    > />
    >
    > (ignore the stateConnectionString and sqlConnectionString which I do not
    > even understand at this moment)
    >
    > Does the timeout="7200" mean 7200 seconds from the time of logging in that
    > the Session object will be deleted from the ASP.Net server and hence that
    > the user will no longer be logged on?
    >
    > Or, to put it another way: If the browser cookie lasts longer than the
    > session object does the user have to log back in if the session object
    > expires but the browser cookie still exists?
    >
    > I want to add some setting to the session object and/or browser cookie
    > that control what fields are available on web pages based on what I find
    > in a log-in database table record when I check the username and password.
    > Can I add those fields to the cookie that gets created when the user logs
    > in?
    Chris Crowe [MVP 1997 -> 2006], Dec 6, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Carpe Diem
    Replies:
    3
    Views:
    7,170
    Carpe Diem
    Feb 23, 2004
  2. --alec
    Replies:
    0
    Views:
    8,415
    --alec
    Jun 24, 2004
  3. Mikko Penkkimäki

    SessionState timeout problem

    Mikko Penkkimäki, Sep 6, 2004, in forum: ASP .Net
    Replies:
    8
    Views:
    43,530
  4. Sosh
    Replies:
    1
    Views:
    1,866
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Dec 31, 2005
  5. Replies:
    0
    Views:
    529
Loading...

Share This Page