B
Berrucho
Olá Group!
asp.net 1.0 / vb.net
Recently my asp.net app is having some strange behaviour. I'm using forms
authentication and I set up the userid in the session object at login
session.add("UserID", "Value"). This is the only moment that I set up this
value.
During app execution I only read the UserID session value User =
session("UserID"). Never set it up again.
This value is used in the sql queries to return values respecting that
single user.
But recently, users are getting result sets that belong to other users. The
only reason I see is that the UserID that I pass to the query is not the
one that identifies the current user.
Also found that when this happens the other user had recently logged in.
Using InProcess Session State
Session cookie is not persistent, 15 minutes timeout.
Any of you having / had this problem?
Thanks
Berrucho
asp.net 1.0 / vb.net
Recently my asp.net app is having some strange behaviour. I'm using forms
authentication and I set up the userid in the session object at login
session.add("UserID", "Value"). This is the only moment that I set up this
value.
During app execution I only read the UserID session value User =
session("UserID"). Never set it up again.
This value is used in the sql queries to return values respecting that
single user.
But recently, users are getting result sets that belong to other users. The
only reason I see is that the UserID that I pass to the query is not the
one that identifies the current user.
Also found that when this happens the other user had recently logged in.
Using InProcess Session State
Session cookie is not persistent, 15 minutes timeout.
Any of you having / had this problem?
Thanks
Berrucho