Loosing session variables

[Radu Colceriu]

HI,

I've an asp.net app like this:

login.aspx (no frame) :- save in session the user and pass
->
framedoc.html :- frameset 2 content
1. menu.aspx
2.docviewver.aspx

Everything work ok until at a random moment (1-5min) when the content of
some variables stored in the sesion is lost.
I'm not a big frameset fan but is a customer request .

Do you have any ideea how can I fix this ?

Thanx,
-radix

 

[Hermit Dave]

mate... you are threading a thin line... the moment you have frameset.. with
two frames you have two sessions on server...
cause each frame is a browser by itself having its own session...
so values set by frame1 in session would not be available to fram2 cause it
has its own session....

 

[Radu Colceriu]

Hi,

thankx for the quick response.
The first page that is NOT in/a frameset (login.aspx) is opening the sesion
as far as I ca imagine and then this page will open the frameset. The point
is that it is working for a random period of time.... until something is
happend . The session variables are not altered by any one of the pages
from frameset.
I have no antivirus/backup running, I' using IE6.

-radix

 

[Hermit Dave]

antivirus or a backup wont affect it either way unless they hinder the
session cookie being sent everytime...

okay you login page is not a frameset.. but the login page forwards it to
frameset... that causes a new session to be generated for the second
frame... i actually haven't monitored cause when i use session with frame...
i set those values from a particular frame and always access it in that
frame...

but enable tracing... add your custom attributes to trace.. monitor the
sessionid and the values... at some point.. you are doing something that is
causing server to open up a new session... see what's causing it... (plus
you are not losing the values... you are just opening and using another
session.. i.e. since its a different session you no longer have access to
other session's values... doesn't matter whether you read them or write to
them....

a better way to do it is not to use session specially for login page...
rather try using forms authentication... you need to do a few things... but
basic client info like username and userid can be bound to the
authentication ticket... and since you can access authenticationticket using
HttpContext.Current what session you are using doing matter...

hope this helps...

 

[Chris Botha]

Hermit, this was only the case in versions of IE before IE 5.5 (some service
pack, I don't remember which), but was fixed after that.
So I guess if Radu is testing with IE before 5.5 service pack xxx, this may
be the problem.

 

[Radu Colceriu]

HI,

I've IE6SP1

-radu

Hermit, this was only the case in versions of IE before IE 5.5 (some service
pack, I don't remember which), but was fixed after that.
So I guess if Radu is testing with IE before 5.5 service pack xxx, this may
be the problem.

 

[Hermit Dave]

this is the link you are looking for

http://support.microsoft.com/default.aspx?scid=kb;EN-US;323752

--
Regards,

HD

Once a Geek.... Always a Geek

 

[bruce barker]

forms authentication uses session to hold the ticket, so the behavior would
be no different.

most likely the site is recycling

 

[Hermit Dave]

okay... in that case if you have a valid ticket in a the cookie you set (say
i set the expiration to 30 days from today for the authentication..)
and i specify that the ticket is persistant... and i write it to a cookie
mind you the session expires in 20 mins..
i can still access the pages with have a deny to anonymous users. Cause the
ticket that i wrote was not appended to the session cookie... instead it was
written to a seperate cookie...
i can close the instance of browser and browse using a new set of ie pages
and it still works... !!! if so .. either session doesnt time out if your
forms ticket is valid or something seriously wrong with forms
authentication...

--
Regards,

HD

Once a Geek.... Always a Geek