I've got an ASP.NET MVC app running under IIS7. It's using the default in-proc session management, which, according to all that I read, should lose the users' session after an app pool recycle.It doesn't seem to be losing it though. Even an IIS reset doesn't lose the session.Has something changed in IIS7 that keeps the session alive?
View 1 RepliesI have a number of ASP.NET (4.0) web applications that appear to leak (a small amount) of memory during each request. It is such a small amount, that for most use-cases, it will not grow to become a problem for weeks or even months at a time. I generally try to be good with closing any connections managed by the application, avoiding state-variables (or instance variables for my singleton), etc. My question is this - is this normal behavior for ASP.NET applications? I had turned off the default (IIS 7) behavior of recycling the app pool after 20 minutes of being idle. I do this since the application takes a few minutes to build its internal cache, and I want to avoid negatively impacting the user experience (and having them wait for the application to start when they issue the request).
View 1 RepliesI need an app pool recycle to be completely transparent to the users of my web app. I use ASP.NET 3.5 MVC 1.
Currently, upon an IIS 7 App Pool recycle all users logged into my web app are kicked out and are required to log back in (Context.User.Identity.IsAuthenticated is set to false). I employ SQL State Server, I use forms authentication and both are configured to use cookies. I was under the impression that .NET and/or IIS handles authentication of cookies.
However, every time the app pool is recycled Context.User.Identity.IsAuthenticated is set to false my users are kicked out and are required to log back in. I can see that the session id remains the same throughout logins, I can also view this session information in the database/state server.
Logon method:
[Code]....
Custom Controller Attribute:
[Code]....
WebConfig:
[Code]....
I have a Silverlight application using a WCF service hosted in IIS. I make use of some aspects of ASP.NET. I have the following folder structure for my application:
inetput
wwwroot
myapp
reports
{user-guid-folders}
report1.pdf
report2.pdf
App_Data (folder)
bin (folder)
Client_Bin (folder)
(various .aspx files, plus web.config, etc.)
The application dynamically generates reports and puts them in a folder with a GUID for the name which is unique to the user. This all works fine. However, when the user logs out I was cleaning up and deleting the PDF files in their folder, then deleting their GUID folder.
Deleting the files works fine, but if I delete the folder, the application recycles (which then removes all other users' sessions - I get a Session_OnEnd event for every user's session, and an Application_OnEnd event. The next user request causes the whole application to restart. So, while I can fix this by not deleting the GUID folder (which my application itself created), what is the reason for this? Is there any way I can prevent this from happening?
I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
We have three web servers in our web farm that are load balanced using the Network Load Balancing Manager in Windows 2003. The sites that run on these boxes use In-Proc ASP.NET session. Our assumption is that the balancing uses a "sticky" session because users seem to be assigned to a given server during their use of the application as well as there doesn't appear to be any session error where the session data is residing on a previous machine. My question is how can I 1) verify that our balancing configuration is using "sticky" sessions and 2) can someone explain the load balancing feature in Windows 2003 relative to ASP.NET web applications?
View 1 RepliesI'm considering moving our web app session storage from In Proc to State Server. Can anybody give any figures as to the performance difference?
View 1 RepliesI need to put some of the entities created via a.dbml Linq-To-Sql file into Session State. Because I am using out-of-proc State Server, they need to be serializable. How can I achieve this? I have tried setting the Serialization mode in the .dbml file to 'Unidirectional'.
View 1 RepliesAll we have a global ships position tracking website which runs smoothly until IIS application pool recycles.When there is workerprocess recycling looks like session state expires as a result i loose all session data and when customer clicks refresh button he is redirected to login page.
In web.config Session state mode is set to InProc so i changed it to State Server but to my luck i have MAP object which is not serialiazable which is causing the maps from not appearing on the website.I tried adding serializable attribute to the object class but still not succesfull.Our website is accessed by our customers whose count is more than 1000.
Changing the session state mode from InProc to StateServer can really slow down the response time so
Is it good to go further fix the serailizable issues and move to state server?.
Is there any way I can retain my session data when application pool recyles?..
Stopping Application pool from recycling may not be a good idea considering health factor of web server.
Am doing wepsite for show images from local drive using asp.net.am using session object for Transfer image path from first page to second page its running nice in vs 2003 .but i converted this website to vs 2005.but session value does't pass to next page.i got null value in session object. am using inproc session mode
View 3 RepliesGiven this Global.asax.cs:
using System;
using System.Web;
namespace Foo.Web {
[code]....
User hits webapp and is shown Introduction.aspx
User continues using webapp for a few minutes (ASP.NET_SessionId: ublbhu45ji31e055ywqu0555)
User falls idle (doesn't perform any postbacks) for a few minutes
User performs postback
User is shown Introduction.aspx
Second inspection of user's ASP.NET_SessionId cookie still shows ublbhu45ji31e055ywqu0555
Why is the user shown Introduction.apsx the second time inside the same ASP.NET Session? I'm familiar w/ the risk in setting session variables just before a redirect in the same postback, but that doesn't apply here, right?
I do not know why, but every time I add a ModelErrror my session is lost. Someone tell me how I can work around / fix it?
Session[CtSessionName + SessionId] = _ListaAcaoMenuInfo;
AcaoMenuInfoExt _SelecionadoAcaoMenuExt = _ListaAcaoMenuInfo.Where(p => p.Id_acao == id).FirstOrDefault();
if (_SelecionadoAcaoMenuExt.Is_AcaoInicial)
{
ModelState.AddModelError(String.Empty, "Error! Try Again, and Again, And Again!");
}
I have two sites desigined on ASP.net MVC 2 pattern. I want to redirect from one site to another with the help of Redirect(url) action result. My problem is that I am able to redirect to other site but my session gets lost. Is there any way by which I can retain the session value? My constraints are I cannot use the sql membership provider, cookies and querystrings
View 19 RepliesI have session variable that is created in EditPlaylist.aspx. Edit.aspx is loading EditPlaylist.aspx in an iframe. when loading sessions from EditPlaylist.aspx page they are null. the session was not before I added the EditPlaylist.aspx to an iFrame. Is there a workaround for this?
View 1 RepliesI'm learning asp.net mvc 2, it's very excting with me.
I has built a small MVC2 application, it is working fine in built it ASP.net Development Server. However, there're something wrong when have it deployed in IIS 7.5, Window Server 2008 R2 Enterprise. Session is awlays null when I access the application by IE and use hostname to specify the url.
Using IE (IE 7 or IE8) to access my application with link [URL] every working fine
But when I use IE (IE 7 or IE8) to access my application with link [URL] session always null
I'm supprised while FireFox working fine in all cases, both of built in ASP.net Development Server and IIS server, both cases hostname and ip and localhost.
i'm using session variables for send variables between aspx page and it works fine ...but after some time of inctivity(user) in the page the sessions is los...how can i resolve this issue ? this is my code below how to send session :
protected void Lst_Interv(object sender, EventArgs e)
{
Session["Id"] = gdMedical.SelectedRow.Cells[0].Text.Trim();
Session["Service"] = gdMedical.SelectedRow.Cells[6].Text.Trim();
Session["Nom"] = gdMedical.SelectedRow.Cells[2].Text.Trim();
string pageurl = "LstIntervention.aspx";
Response.Write("<script> window.open('" + pageurl + "','_blank'); </script>");
}
I'm creating a site. Below is my authentication tag and session tag in web.config
<authentication mode="Forms">
<forms protection="All" loginUrl="Pages/Log In/Login.aspx" name=".ASPXFORMSAUTH" cookieless="UseCookies" requireSSL="false"
defaultUrl="Pages/Common/Default.aspx" enableCrossAppRedirects="false" slidingExpiration="true" timeout="30"path="/">
</forms>
</authentication>
<sessionState mode="InProc" timeout="30" cookieless="false" cookieName=".ASPSession"/>
And I have a custom Membership Providor....
<membership defaultProvider="SqlMemberShipProvider" userIsOnlineTimeWindow="15" hashAlgorithmType="">
<providers>
<clear/>
<add
name="SqlMemberShipProvider"
type="RoalManagement.SqlMemberShipProvider"
connectionStringName="SqlServices"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
writeExceptionsToEventLog="true"
applicationName="OnlineOnTheWeb"
minRequiredPasswordLength="6"
passwordStrengthRegularExpression="^.*(?=.{6,50})(?=.*[a-z])(?=.*[A-Z])(?=.*[dW]).*$"
maxInvalidPasswordAttempts="3"
requiresUniqueEmail="true"
/>
</providers>
</membership>
Now in login page after firsttime login i set some session data... like
protected void Login_LoggedIn(object sender, EventArgs e)
{
//.....
Session["EMPLOYEELOGGEDIN"] = "Y";
//.....
}
Now say i close the browser... and next time when i open the site it takes me directly to the default page [Login_LoggedIn is not called accordingly]... because i'm already logged in for 30 mins acc. to configuration. but as my session id gets changed i can't access Session["EMPLOYEELOGGEDIN"] from any page in this time. It always returns null. But how do i get back the previous session for that person?
I'm evaluating using Ajax in a new project and so I've developed a simple web page to test a few things, however even the simplest task seems to cause my session to be cleared. I am using VS2008 with .Net 3.5 SP1 and the page is in my existing solution which has several custom handlers and modules in the web.config. Below is the code I'm using, it's a simple test which puts a variable into the session then on the buttons postback tries to get the same variable, however it always fails as the session is blank.
The Default.aspx code snippet
<form id="form1" runat="server">
<asp:ScriptManager ID="ScriptManager1" runat="server" /> [code]....
I have an asp.net login page, which when initialized sets some session variables. When the user clicks login, an AJAX request is made which validates the user and sets additional session variables and returns a result to the client. The client is then redirected based on the login result. In the redirected page, I can access the session variables set when the login page was initialized (i.e. before the login) but none are present for those set during the login validation (part of an ajax call).
is this expected behaviour? Why would an ajax call generate a new session and thus cause the data to be lost?
I am setting a Session variable in an HttpHandler, and then getting its value in the Page_load event of an ASPX page. I'm setting it using
public void ProcessRequest(HttpContext context)
{
HttpPostedFile file = context.Request.Files["Filedata"];
context.Session["WorkingImage"] = file.FileName;
}
(And before someone suggests that I check the validity of file.FileName, this same problem occurs if I hard-code a test string in there.) It's working just fine in IE, but in Firefox the Session Variable is not found, getting the "Object reference not set to an instance of an object" error in the following code:
protected void Page_Load(object sender, EventArgs e)
{
string loc = Session["WorkingImage"].ToString();
}
Has anyone encountered this problem - and hopefully come up with a means for passing the session variable?
I created HttpHandler class in ASP.NET and configured a website to handle any request with the *.test path.
public class GameHandler : IHttpHandler, IRequiresSessionState
{
public bool IsReusable
{
get
{
return false;
[Code]....
I suspect the problem is that ASP.NET doesn't know these requests sent from javascript belong to the same session and that's why the Session values are lost.
I have this code in the end of link button click:
Response.ContentType = "application/zip";
Response.AppendHeader("content-disposition", "attachment; filename=download.zip");
Response.TransmitFile(Server.MapPath("download.zip"));
Response.End();
Response.Flush();
to download a zip file from an aspx page.In the previous page i set a session variable, after going to this download page and download the file, then press back i find the session=null "this happen after downloading more than 1 time", and the application_end in global.ascx called. Do you know why this may happen??Note: this is happening on all browsers, on IIS7 both local and on my server.
I am developing an application using Visual Studio 2010 and SQLServer 2008. My application has two pages and the first page contains a GridView with all the records "User Administration" and when user click on any Username (template field ->linkbutton) I read the USERID like this.
Session["UserID"] = e.commandArgument;
Response.Redirect("UserOperations.aspx");
which takes it to the Data Entry page where user updates the information and save the data.
The problem i am facing is that when I hit the browser REFRESH button couple of times the session variables looses the value which is trouble for me as I am using Session Variables for different purposes.
I have an ASP.NET 2.0 site that stores a user's ID in session to indicate that they are logged in. In some situations, the user doesn't appear to stay logged in. I've been monitoring traffic in Fiddler, and some details I've found: The problem is 100% repeatable on an older laptop of mine when running IE7 and the project manager's laptop when running IE7. The problem does not ever occur on my current laptop running IE7, or any of these laptops when running FF. The problem occurs only in production--not on development, internal staging, or client staging. Production is the only load balanced environment, but the repeatability noted above makes me question load balancing as a factor.
When the page which sets Session("ID") = 1 sends a response back to the client, I can see a "Set-Cookie" header in all cases, which is creating the ASP.Net_Session_Id cookie (and it's HttpOnly). Subsequent requests to the server will send that cookie in the header on machines which are not exhibiting the problem, but not on machines that are, so either the cookie is getting deleted or the "Set-Cookie" header is being ignored.
The way logging in works is as follows: a page on [URL] has an iframe. The source of that iframe is a page on [URL]. A variety of pages served from [URL] take the user through the login/register process. The final step of [URL] is to redirect to a page back on [URL], including the user's ID in the querystring. This page on [URL] typically stores the ID in session, and then runs some JS to redirect the top level document to a new page, thus taking the user out of the iframe. This is a process that has worked for several years, with several values of [URL]. The one thing that may be different here is that in this case, the JS is simply destroying the iframe and some containing div's.
Another difference I see between scenarios where the problem occurs and where it doesn't is in the Google Analytics cookies. There is a difference when [URL] does its redirect to [URL] inside the iframe. When the problem does not occur, the request for SaveTheID.aspx includes a variety of Google Analytics cookies (__utma, __utmz, etc). When the problem does occur, this request does not include all the GA cookies (it's missing __utma, __utmz and __utmb). Production is the only environment where [URL] runs under SSL, so I thought that may be related. But we temporarily set up our staging copy of [URL] to use SSL, and that had no effect.
I am using Session ID Manager in all the pages of the website, but I am losing session variables in between the pages. what should I do to save the values of session variables.
Anoop