M
Michael J. Wendell
Hello,
I am trying to debug an issue with sessions in my ASP 3.0 web
application, which runs fine on WIN2K Pro and WINXP Pro, yet fails to
function correctly on WIN2K Advanced Server.
My actual application is using sessions to store username, and security
level (permissions) for my application. The default.asp page is the login,
where these values are set. I have triple and quadruple checked my IIS
Settings to make sure "Enable Session State" is checked, and the
session.timeout is set to 120. Now if I remove my application, recreate it
in IIS admin, stop and start the IIS services, and run my application, the
session variables seem to be saved across the first redirect to my
main_menu.asp page. Here I have several menu choices, which are dependent
on the session("seclevel") to determine which they can or cannot access.
Here is where it seems my session vars are lost, since when I click on any
choice, I get redirected to the log_out.asp page, which abandons the session
and returns the user to the login (default.asp) page.
Is there something I could be missing for WIN2K advanced server that I
have not thought of? Any help is greatly appreciated. I will attach some
basic code for the above pages below.
Thanks,
Mike
Default.asp ...
//---------------------------->
Dim lRs
set lrs = server.createobject("adodb.recordset")
lrs.activeconnection = lconn
operatorstr = "Select Type, OperatorID, UserPassword, SecurityLevels, Name
from OperatorTableFile WHERE OperatorID = '" & user_name & "' AND
UserPassword = '" & userpassword & "'"
lrs.open operatorstr
Call ErrorVBScriptReport(operatorstr)
Call ErrorADOReport(operatorstr,lConn)
if not lRs.EOF then
' randID = return_random_num()
'write function to grab sixth value from left on lrs("Securitylevel")
vSL = cStr(lrs("SecurityLevels"))
vtSL = left(vSL,6)
vvtSL = right(vtSL,1)
session("UtilSecLev") = vvtSL
'response.write session("UtilSecLev")
'response.end
vtSL = left(vSL,24)
vvtSL = right(vtSL,1)
session("SASecLev") = vvtSL
session("name") = lrs("Name")
session("ClerkId") = user_name
'response.write session("name") & " " & session("ClerkId")
'response.end
response.redirect "main_menu.asp"
'response.redirect "main_menu.asp?USL=" & session("UtilSecLev") &
"&ClerkId=" & session("ClerkId")
else
msgError = "Invalid user and userpassword"
end if
//---------------------------->
search.asp
//---------------------------->
if session("UtilSecLev") = "0" or isempty(session("UtilSecLev")) then
response.redirect "log_out.asp"
'response.write "something broke"
'response.write session("UtilSecLev")
'response.end
end if
//--------------------------->
log_out.asp ...
//--------------------------->
<%
session.abandon
response.redirect "default.asp"
%>
I am trying to debug an issue with sessions in my ASP 3.0 web
application, which runs fine on WIN2K Pro and WINXP Pro, yet fails to
function correctly on WIN2K Advanced Server.
My actual application is using sessions to store username, and security
level (permissions) for my application. The default.asp page is the login,
where these values are set. I have triple and quadruple checked my IIS
Settings to make sure "Enable Session State" is checked, and the
session.timeout is set to 120. Now if I remove my application, recreate it
in IIS admin, stop and start the IIS services, and run my application, the
session variables seem to be saved across the first redirect to my
main_menu.asp page. Here I have several menu choices, which are dependent
on the session("seclevel") to determine which they can or cannot access.
Here is where it seems my session vars are lost, since when I click on any
choice, I get redirected to the log_out.asp page, which abandons the session
and returns the user to the login (default.asp) page.
Is there something I could be missing for WIN2K advanced server that I
have not thought of? Any help is greatly appreciated. I will attach some
basic code for the above pages below.
Thanks,
Mike
Default.asp ...
//---------------------------->
Dim lRs
set lrs = server.createobject("adodb.recordset")
lrs.activeconnection = lconn
operatorstr = "Select Type, OperatorID, UserPassword, SecurityLevels, Name
from OperatorTableFile WHERE OperatorID = '" & user_name & "' AND
UserPassword = '" & userpassword & "'"
lrs.open operatorstr
Call ErrorVBScriptReport(operatorstr)
Call ErrorADOReport(operatorstr,lConn)
if not lRs.EOF then
' randID = return_random_num()
'write function to grab sixth value from left on lrs("Securitylevel")
vSL = cStr(lrs("SecurityLevels"))
vtSL = left(vSL,6)
vvtSL = right(vtSL,1)
session("UtilSecLev") = vvtSL
'response.write session("UtilSecLev")
'response.end
vtSL = left(vSL,24)
vvtSL = right(vtSL,1)
session("SASecLev") = vvtSL
session("name") = lrs("Name")
session("ClerkId") = user_name
'response.write session("name") & " " & session("ClerkId")
'response.end
response.redirect "main_menu.asp"
'response.redirect "main_menu.asp?USL=" & session("UtilSecLev") &
"&ClerkId=" & session("ClerkId")
else
msgError = "Invalid user and userpassword"
end if
//---------------------------->
search.asp
//---------------------------->
if session("UtilSecLev") = "0" or isempty(session("UtilSecLev")) then
response.redirect "log_out.asp"
'response.write "something broke"
'response.write session("UtilSecLev")
'response.end
end if
//--------------------------->
log_out.asp ...
//--------------------------->
<%
session.abandon
response.redirect "default.asp"
%>