Session never expires

  • Thread starter Daniel Geisenhoff
  • Start date
D

Daniel Geisenhoff

Hi,

we have set our session timeout in web.config and in IIS to 1 minute,
but the session never expires. We check a variable Session("UserId")
in global.asax, which is still valid after 10 minutes.

here is our code in global.asax:

Private Sub Global_AcquireRequestState(ByVal sender As Object, ByVal e
As System.EventArgs) Handles MyBase.AcquireRequestState
If Not LCase(Request.Path).EndsWith("default.aspx") And _
Not LCase(Request.Path).EndsWith("frontdoor.aspx") Then
If Session("UserId") Is Nothing Then
Response.Redirect("frontdoor.aspx", True)
End If
End If
End Sub

and this is our session state part in web.config:

<sessionState
mode="SQLServer"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=PIII550;Trusted_Connection=no;uid=sa;pwd=xxxxx"
cookieless="true"
timeout="1"
/>

We know that form authentication would be a better approach for this
purpose, but forms authentication does not work if a browser blocks
cookies.

Does anyone have an idea?

Many thanks in advance.
Daniel Geisenhoff
 
M

microteq

As I am the only user, I am quite sure of that.

Or can I serve requests without explicitely posting my page?

Thanks.
Daniel.
 
E

Eliyahu Goldin

Daniel,

Note that the session timeout refers to the inactivity time. If you are
serving requests all the time, the session will never expire. Are you sure
no requests arrive within your timeout period?

Eliyahu
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top