Session Timeout

Discussion in 'ASP General' started by Jim, Apr 8, 2005.

  1. Jim

    Jim Guest

    The dreaded Session state :)

    All, Just to give a little background this is reagarding an ASP 3.0
    application running on IIS6 using the default app pool.

    I have set the session timeout to 540 minutes in IIS (under options tab in
    Application configuration). There is no code in the Session_OnStart or
    Session_OnEnd in the global.asa. Via an include file, each page executes
    these no-cache related code:
    Response.Buffer = True
    Response.ExpiresAbsolute = Now() - 1
    Response.Expires = 0
    Response.CacheControl = "no-cache"
    Response.CacheControl = "private"

    Sorry, just wanted to give some background on what we're dealing with.
    Anyways, the problem is that the users are saying their session state is
    expiring much sooner than 540 minutes. How is this possible? What did I miss?
    Are there better techniques to ensure the 540 minute session?

    Thanks in advance,
    Jim
     
    Jim, Apr 8, 2005
    #1
    1. Advertising

  2. Setting a session timeout any higher than 90 minutes is somewhat iffy.
    You should perhaps consider using cookies to keep track of them longer than
    that.

    It really all depends on why you are even doing this in the 1st place
    though.



    "Jim" <> wrote in message
    news:...
    > The dreaded Session state :)
    >
    > All, Just to give a little background this is reagarding an ASP 3.0
    > application running on IIS6 using the default app pool.
    >
    > I have set the session timeout to 540 minutes in IIS (under options tab in
    > Application configuration). There is no code in the Session_OnStart or
    > Session_OnEnd in the global.asa. Via an include file, each page executes
    > these no-cache related code:
    > Response.Buffer = True
    > Response.ExpiresAbsolute = Now() - 1
    > Response.Expires = 0
    > Response.CacheControl = "no-cache"
    > Response.CacheControl = "private"
    >
    > Sorry, just wanted to give some background on what we're dealing with.
    > Anyways, the problem is that the users are saying their session state is
    > expiring much sooner than 540 minutes. How is this possible? What did I
    > miss?
    > Are there better techniques to ensure the 540 minute session?
    >
    > Thanks in advance,
    > Jim
     
    Kyle Peterson, Apr 8, 2005
    #2
    1. Advertising

  3. Jim

    Jim Guest

    I see. The only reason why the session state is set so high is the users do
    not want to be exited from the application during the day. When session
    timesout, the app forces the user to exit.

    "Kyle Peterson" wrote:

    > Setting a session timeout any higher than 90 minutes is somewhat iffy.
    > You should perhaps consider using cookies to keep track of them longer than
    > that.
    >
    > It really all depends on why you are even doing this in the 1st place
    > though.
    >
    >
    >
    > "Jim" <> wrote in message
    > news:...
    > > The dreaded Session state :)
    > >
    > > All, Just to give a little background this is reagarding an ASP 3.0
    > > application running on IIS6 using the default app pool.
    > >
    > > I have set the session timeout to 540 minutes in IIS (under options tab in
    > > Application configuration). There is no code in the Session_OnStart or
    > > Session_OnEnd in the global.asa. Via an include file, each page executes
    > > these no-cache related code:
    > > Response.Buffer = True
    > > Response.ExpiresAbsolute = Now() - 1
    > > Response.Expires = 0
    > > Response.CacheControl = "no-cache"
    > > Response.CacheControl = "private"
    > >
    > > Sorry, just wanted to give some background on what we're dealing with.
    > > Anyways, the problem is that the users are saying their session state is
    > > expiring much sooner than 540 minutes. How is this possible? What did I
    > > miss?
    > > Are there better techniques to ensure the 540 minute session?
    > >
    > > Thanks in advance,
    > > Jim

    >
    >
    >
     
    Jim, Apr 9, 2005
    #3
  4. Jim wrote:
    > I see. The only reason why the session state is set so high is the
    > users do not want to be exited from the application during the day.
    > When session timesout, the app forces the user to exit.
    >

    Which is a good thing, as far as the server is concerned. Sessions consume
    system resources. There are other ways to preserve state when it needs to be
    preserved for that amount of time. Cookies, databases, files, etc.

    Bob Barrows

    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows [MVP], Apr 9, 2005
    #4
  5. Jim

    Jim Guest

    Well no. I solution was to reduce the timeout from 8 hours to 90 minutes.
    Wow, I'm not sure what could be causing your session timeout problem of
    timing out after just four minutes.

    "bes7252" wrote:

    >
    > Jim,
    >
    > We're experiencing timeouts like the one you describe. The timeout in
    > IIS6 is set to 20 minutes, but some of our users say they are "logged
    > out" after approximately 4 minutes. Our debugging code confirms that
    > their session has disappeared.
    >
    > Did you find a resolution to this issue?
    >
    > Brian
    >
    >
    >
    > --
    > bes7252
    > ------------------------------------------------------------------------
    > Posted via http://www.codecomments.com
    > ------------------------------------------------------------------------
    >
    >
     
    Jim, May 13, 2005
    #5
  6. Jim

    jaco Guest

    Good Day,

    I'm experiencing the same problem and need a solution not a work arround.
    Implementing a different state management system in our production
    environment is not a option. Since this will mean retesting and redepolying
    our application to 10 sites world wide.

    This worked fine on IIS 5.0 so why is it not working on IIS 6.0. What was
    changed. And how do we change it back.

    Thanks
    Jaco Roux

    "Bob Barrows [MVP]" wrote:

    > Jim wrote:
    > > I see. The only reason why the session state is set so high is the
    > > users do not want to be exited from the application during the day.
    > > When session timesout, the app forces the user to exit.
    > >

    > Which is a good thing, as far as the server is concerned. Sessions consume
    > system resources. There are other ways to preserve state when it needs to be
    > preserved for that amount of time. Cookies, databases, files, etc.
    >
    > Bob Barrows
    >
    > --
    > Microsoft MVP - ASP/ASP.NET
    > Please reply to the newsgroup. This email account is my spam trap so I
    > don't check it very often. If you must reply off-line, then remove the
    > "NO SPAM"
    >
    >
    >
     
    jaco, Jun 13, 2006
    #6
  7. jaco wrote:
    >> Jim wrote:
    >>> I see. The only reason why the session state is set so high is the
    >>> users do not want to be exited from the application during the day.
    >>> When session timesout, the app forces the user to exit.


    > Good Day,
    >
    > I'm experiencing the same problem


    The text you quoted does not mention a problem and I no longer have the
    original thread on my machine.

    What is the problem? Or the symptoms of the problem if you haven't
    identified the problem?

    > and need a solution not a work
    > arround. Implementing a different state management system in our
    > production environment is not a option. Since this will mean
    > retesting and redepolying our application to 10 sites world wide.
    >
    > This worked fine on IIS 5.0 so why is it not working on IIS 6.0.


    What was working fine on IIS5 but is no longer working on IIS6?

    > What was changed. And how do we change it back.
    >

    Not sure. Lots of things changed. Have you been to the MS website and
    read the "What's New" document for IIS6? Try this:
    http://www.microsoft.com/windowsserver2003/iis/evaluation/features/default.mspx
    or this:
    http://msdn.microsoft.com/library/en-us/iissdk/html/dbeeb5c4-c1a7-42cd-8e03-6513fc08aa92.asp

    There's also this dandy Support Center:
    http://support.microsoft.com/default.aspx?scid=fh;en-us;iis60&x=15&y=13

    as well as the www.iisfaq.com site.

    Bob Barrows
    --
    Microsoft MVP -- ASP/ASP.NET
    Please reply to the newsgroup. The email account listed in my From
    header is my spam trap, so I don't check it very often. You will get a
    quicker response by posting to the newsgroup.
     
    Bob Barrows [MVP], Jun 13, 2006
    #7
  8. Jim

    jaco Guest

    Hi Bob,

    We are currently storing about 30 user profile settings as session variables
    in a asp site.

    Since moving to Windows 2003 R2 with IIS6.0 we are experiencing unexpected
    session timeouts. The session timeout interval is set to 480 minutes or 8
    hours. Our users are however complaining that they are experiencing timeouts
    more randomly and over much shorter intervals.

    Users have to log in again when their session is timed out.

    Implementing a new Session State Management Sub System using cookies and/or
    files and/or SQL DB is not an option purely due to the cost in retesting and
    redistributing the site.

    So the question remains. Why are sessions timing out prematurely?

    Thanks
    Jaco Roux
     
    jaco, Jun 13, 2006
    #8
  9. jaco wrote:
    > Hi Bob,
    >
    > We are currently storing about 30 user profile settings as session
    > variables in a asp site.


    What are you storing? Strings? Arrays? COM objects?

    >
    > Since moving to Windows 2003 R2 with IIS6.0 we are experiencing
    > unexpected session timeouts. The session timeout interval is set to
    > 480 minutes or 8 hours. Our users are however complaining that they
    > are experiencing timeouts more randomly and over much shorter
    > intervals.
    >
    > Users have to log in again when their session is timed out.
    >
    > Implementing a new Session State Management Sub System using cookies
    > and/or files and/or SQL DB is not an option purely due to the cost in
    > retesting and redistributing the site.
    >
    > So the question remains. Why are sessions timing out prematurely?
    >


    Sorry, I don't know. You should try posting to the .inetserver.iis
    group.

    We'd appreciate if you would post whatever solution you find here.

    ....

    I just did a google search and came up with
    http://blogs.msdn.com/david.wang/archive/2005/09/19/Why_do_I_lose_ASP_Session_State_on_IIS6.aspx
    http://support.microsoft.com/default.aspx/kb/233477
    http://groups.google.com/groups?hl=...GLD:en&q=IIS 6 "session timeout" &sa=N&tab=wg

    Do any of these help?

    --
    Microsoft MVP -- ASP/ASP.NET
    Please reply to the newsgroup. The email account listed in my From
    header is my spam trap, so I don't check it very often. You will get a
    quicker response by posting to the newsgroup.
     
    Bob Barrows [MVP], Jun 13, 2006
    #9
  10. Jim

    jaco Guest

    Strings only

    "Bob Barrows [MVP]" wrote:

    > jaco wrote:
    > > Hi Bob,
    > >
    > > We are currently storing about 30 user profile settings as session
    > > variables in a asp site.

    >
    > What are you storing? Strings? Arrays? COM objects?
    >
    > >
    > > Since moving to Windows 2003 R2 with IIS6.0 we are experiencing
    > > unexpected session timeouts. The session timeout interval is set to
    > > 480 minutes or 8 hours. Our users are however complaining that they
    > > are experiencing timeouts more randomly and over much shorter
    > > intervals.
    > >
    > > Users have to log in again when their session is timed out.
    > >
    > > Implementing a new Session State Management Sub System using cookies
    > > and/or files and/or SQL DB is not an option purely due to the cost in
    > > retesting and redistributing the site.
    > >
    > > So the question remains. Why are sessions timing out prematurely?
    > >

    >
    > Sorry, I don't know. You should try posting to the .inetserver.iis
    > group.
    >
    > We'd appreciate if you would post whatever solution you find here.
    >
    > ....
    >
    > I just did a google search and came up with
    > http://blogs.msdn.com/david.wang/archive/2005/09/19/Why_do_I_lose_ASP_Session_State_on_IIS6.aspx
    > http://support.microsoft.com/default.aspx/kb/233477
    > http://groups.google.com/groups?hl=...GLD:en&q=IIS 6 "session timeout" &sa=N&tab=wg
    >
    > Do any of these help?
    >
    > --
    > Microsoft MVP -- ASP/ASP.NET
    > Please reply to the newsgroup. The email account listed in my From
    > header is my spam trap, so I don't check it very often. You will get a
    > quicker response by posting to the newsgroup.
    >
    >
    >
     
    jaco, Jun 13, 2006
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Do
    Replies:
    2
    Views:
    6,456
  2. bruce barker

    Re: ASPX Page Timeout - Session Timeout

    bruce barker, Jul 20, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    11,157
    ASP.Confused
    Jul 20, 2004
  3. =?Utf-8?B?Q3JhaWc=?=

    formsauthentication timeout & session timeout

    =?Utf-8?B?Q3JhaWc=?=, Aug 10, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    2,711
    =?Utf-8?B?RU5JWklO?= .enizin.net>
    Aug 10, 2005
  4. =?Utf-8?B?Um9iSEs=?=
    Replies:
    4
    Views:
    5,438
    =?Utf-8?B?Um9iSEs=?=
    Apr 11, 2007
  5. Mark Probert

    Timeout::timeout and Socket timeout

    Mark Probert, Oct 6, 2004, in forum: Ruby
    Replies:
    1
    Views:
    1,367
    Brian Candler
    Oct 6, 2004
Loading...

Share This Page