Strange Session Restart

Discussion in 'ASP .Net' started by js, Dec 8, 2005.

  1. js

    js Guest

    I am using form authentication and InProc cookieless session. The
    strange thing is that when an authenticated user try to navigate to any
    page that is in subfolder of the application root, the session is
    restarted and new session id is generated. Thus the user would never
    be able to access those pages because each page's InitializeComponent()
    checks if (Session.Keys.Count == 0). If yes, then server transfer the
    request to login.aspx page again.
    Does anyone know why the session is restarted? Thanks. The following
    are snippets of the web.config and login.aspx:

    Web.config
    ========
    <system.web>
    <compilation defaultLanguage="c#" debug="true" />
    <customErrors mode="Off" defaultRedirect="/accessDenied.aspx"/>
    <trace enabled="false" requestLimit="10" pageOutput="false"
    traceMode="SortByTime" localOnly="true" />
    <sessionState mode="InProc" cookieless="true" timeout="20" />

    <authentication mode="Forms">
    <forms
    name="my_Authorization"
    loginUrl="Login.aspx"
    protection="All"
    path="/"
    requireSSL="false"
    slidingExpiration="false">
    <credentials passwordFormat = "SHA1"/>
    </forms>
    </authentication>

    <authorization>
    <deny users="?"/>
    </authorization>

    </system.web>

    <!-- page that does not require login -->
    <location path="main.aspx">
    <system.web>
    <authorization>
    <allow users="?"/>
    </authorization>
    </system.web>
    </location>

    <!-- page that does not require login -->
    <location path="_Net/forms/StatusChange.aspx">
    <system.web>
    <authorization>
    <allow users="?"/>
    </authorization>
    </system.web>
    </location>

    Logoin.aspx
    =========
    private void btnLogin_Click(object sender, System.EventArgs e)
    {
    if (Page.IsValid)
    {
    string strAccountName = Server.HtmlEncode(txtAccount.Text);
    string strPassword = Server.HtmlEncode(txtPassword.Text);

    oUserCredential = new User();
    if(oUserCredential.UserCredential(strAccountName, strPassword))
    {
    Session["Account"] = oUserCredential.Account;
    Session["UserID"] = oUserCredential.UserId;
    Session["UserOrganization"] = oUserCredential.Organization;
    Session["FirstName"] = oUserCredential.FirstName;
    Session["LastName"] = oUserCredential.LastName;
    Session["UserEmail"] = oUserCredential.Email;
    Session["UserRole"] = oUserCredential.Role;
    Session["SrmRole"] = oUserCredential.SrmRole;

    // Return to the originally requested URL.

    System.Web.Security.FormsAuthentication.RedirectFromLoginPage(strAccountName,PersistCookie.Checked);

    }
    else
    Msg.Text = "Invalid Credentials: Please try again. <br/>";
    }
     
    js, Dec 8, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Harry Simpson

    HELP! How to handle Session Restart on Logon

    Harry Simpson, Aug 14, 2003, in forum: ASP .Net
    Replies:
    6
    Views:
    392
    Guenther Liebowitz
    Aug 14, 2003
  2. Wes Jackson

    Session Restart

    Wes Jackson, Dec 8, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    379
    Wes Jackson
    Dec 8, 2003
  3. Bruno Jouhier [MVP]
    Replies:
    5
    Views:
    416
    Steven Cheng[MSFT]
    Apr 7, 2004
  4. Malin

    Session restart problem

    Malin, Jan 19, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    367
    Malin
    Jan 20, 2006
  5. Josef Moellers

    Restart Perl Application upon KDE Restart

    Josef Moellers, Jul 18, 2013, in forum: Perl Misc
    Replies:
    18
    Views:
    285
    Adam H. Kerman
    Jul 26, 2013
Loading...

Share This Page