Session never expires

Discussion in 'ASP .Net' started by Daniel Geisenhoff, Sep 7, 2004.

  1. Hi,

    we have set our session timeout in web.config and in IIS to 1 minute,
    but the session never expires. We check a variable Session("UserId")
    in global.asax, which is still valid after 10 minutes.

    here is our code in global.asax:

    Private Sub Global_AcquireRequestState(ByVal sender As Object, ByVal e
    As System.EventArgs) Handles MyBase.AcquireRequestState
    If Not LCase(Request.Path).EndsWith("default.aspx") And _
    Not LCase(Request.Path).EndsWith("frontdoor.aspx") Then
    If Session("UserId") Is Nothing Then
    Response.Redirect("frontdoor.aspx", True)
    End If
    End If
    End Sub

    and this is our session state part in web.config:

    <sessionState
    mode="SQLServer"
    stateConnectionString="tcpip=127.0.0.1:42424"
    sqlConnectionString="data
    source=PIII550;Trusted_Connection=no;uid=sa;pwd=xxxxx"
    cookieless="true"
    timeout="1"
    />

    We know that form authentication would be a better approach for this
    purpose, but forms authentication does not work if a browser blocks
    cookies.

    Does anyone have an idea?

    Many thanks in advance.
    Daniel Geisenhoff
    Daniel Geisenhoff, Sep 7, 2004
    #1
    1. Advertising

  2. Can you check the value of Session.IsNewSession?

    Eliyahu

    "Daniel Geisenhoff" <> wrote in message
    news:...
    > Hi,
    >
    > we have set our session timeout in web.config and in IIS to 1 minute,
    > but the session never expires. We check a variable Session("UserId")
    > in global.asax, which is still valid after 10 minutes.
    >
    > here is our code in global.asax:
    >
    > Private Sub Global_AcquireRequestState(ByVal sender As Object, ByVal e
    > As System.EventArgs) Handles MyBase.AcquireRequestState
    > If Not LCase(Request.Path).EndsWith("default.aspx") And _
    > Not LCase(Request.Path).EndsWith("frontdoor.aspx") Then
    > If Session("UserId") Is Nothing Then
    > Response.Redirect("frontdoor.aspx", True)
    > End If
    > End If
    > End Sub
    >
    > and this is our session state part in web.config:
    >
    > <sessionState
    > mode="SQLServer"
    > stateConnectionString="tcpip=127.0.0.1:42424"
    > sqlConnectionString="data
    > source=PIII550;Trusted_Connection=no;uid=sa;pwd=xxxxx"
    > cookieless="true"
    > timeout="1"
    > />
    >
    > We know that form authentication would be a better approach for this
    > purpose, but forms authentication does not work if a browser blocks
    > cookies.
    >
    > Does anyone have an idea?
    >
    > Many thanks in advance.
    > Daniel Geisenhoff
    Eliyahu Goldin, Sep 7, 2004
    #2
    1. Advertising

  3. Daniel Geisenhoff

    microteq Guest

    After 5 minutes, the session.isnewsession is still false.

    Thanks.
    Daniel

    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
    microteq, Sep 7, 2004
    #3
  4. Daniel Geisenhoff

    microteq Guest

    As I am the only user, I am quite sure of that.

    Or can I serve requests without explicitely posting my page?

    Thanks.
    Daniel.

    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
    microteq, Sep 7, 2004
    #4
  5. Daniel,

    Note that the session timeout refers to the inactivity time. If you are
    serving requests all the time, the session will never expire. Are you sure
    no requests arrive within your timeout period?

    Eliyahu

    "microteq" <> wrote in message
    news:%...
    >
    >
    > After 5 minutes, the session.isnewsession is still false.
    >
    > Thanks.
    > Daniel
    >
    > *** Sent via Developersdex http://www.developersdex.com ***
    > Don't just participate in USENET...get rewarded for it!
    Eliyahu Goldin, Sep 7, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rahul Kansara

    session expires quickly

    Rahul Kansara, Nov 11, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    1,988
    alex bowers
    Nov 11, 2003
  2. Welman Jordan
    Replies:
    3
    Views:
    523
    Welman Jordan
    Feb 28, 2004
  3. Soren Kuula
    Replies:
    1
    Views:
    437
    Henry S. Thompson
    Dec 1, 2005
  4. Kevin
    Replies:
    4
    Views:
    410
    Irrwahn Grausewitz
    Oct 17, 2003
  5. cache never expires

    , Jan 26, 2007, in forum: ASP .Net
    Replies:
    4
    Views:
    588
Loading...

Share This Page