I want a specific session variable (in my case Session["level"]) to expire either on the normal 20 min. timer or at 19:30 every day. Because I change a value in my database everyday at 19:30 and I want this session variable to be related to that value. Is this possible?
Anything I have tried didn't work. Currenly I have following code to change asp.net session cookie expiration date and path, but asp doesn't want to listen to me. I sends same cookie in Set-Cookie header two times sometimes, sometimes it sends it's default cookie ignoring path and expiration date, sometimes it sends everything as expected, and sometimes it doesn't send Set-Cookie at all. What should I do.
My code in Global.asax
protected void Application_PreRequestHandlerExecute(Object sender, EventArgs e) { /// only apply session cookie persistence to requests requiring session information if (Context.Handler is IRequiresSessionState || Context.Handler is IReadOnlySessionState) { var sessionState = ConfigurationManager.GetSection("system.web/sessionState") as SessionStateSection; var cookieName = sessionState != null && !string.IsNullOrEmpty(sessionState.CookieName) ? sessionState.CookieName : "ASP.NET_SessionId"; var timeout = sessionState != null ? sessionState.Timeout : TimeSpan.FromMinutes(20); /// Ensure ASP.NET Session Cookies are accessible throughout the subdomains. if (Request.Cookies[cookieName] != null && Session != null && Session.SessionID != null) { Response.Cookies[cookieName].Value = Session.SessionID; Response.Cookies[cookieName].Path = Request.ApplicationPath; Response.Cookies[cookieName].Expires = DateTime.Now.Add(timeout); } } }
I'm implementing the session sharing structure from this link for an ASP classic site to begin the gradual conversion process to ASP.NET. I'm trying to extend the cookie expiration time so that users do not get signed out of the site when the session expires. At the place where the cookie is created in SessionPage.cs I've added the line in the CreateNewSessionCookie() method: cookie.Expires = DateTime.Now.AddDays(14);
Now this works fine, however, it only works if the user first visits an ASP.NET page, and then visits the ASP classic pages. It doesn't work if visiting an ASP classic page first (looking at the cookie through firefox confirms that different expiration values are given based on if I visit an ASP or ASP.NET page first.) I'm still a bit fuzzy on the mechanics behind this implementation as I don't have a complete understanding of session and cookie handling. However, I would have thought that the VB6 SessionMgr object is calling the SessionUtility DLL, and thus is using the same code to issue the cookie. I have re-registered the SessionUtility using gacutil, and re-exposed it using regasm. How else is the cookie being issued when a user accesses an ASP classic page? How can I change the expiration time?
am a ASP.NET developer using Facebook Developer Toolkit to develop a facebook flash application with flash developer.When the user plays the game for a certain period of time, there are chances that the facebook session expires and I can't call any Facebook API for processing as a result.
I have a scenario in my application that I need to display session expiration time to the user. I set session expiration as 30 minutes in my application, 5 minutes before the session expiration, I need to show message to user that the session is going to expire.
How can I will do this implementation, I am using VS 2010 + MVC 2.0 + JQuery.
I am having an aspx page page1.aspx with a button button1. On click of button1, a modal window popup is displaying using jquery.
The modal popup is displaying another page page2.aspx . I have appended the following line in the load event of all aspx pages to handle the session expiration.So that on expiration of session, it will automaticaly redirect to sessionexpired.aspx page.
we are working on a huge project(web application) in asp.net ajax & c#. Per day 300 memmbers will access our website for data entry.we are using mssql 2005.we implemented someany sessions in our project.now our application becomes very slow.We are planning to remove the sessions in our project.
Quick question: Is there a "per-user" data storage object (similar to Session) that I can store data in the global scope (similar to HttpRuntime.Cache)? Almost as if Session and HttpRuntime.Cache had a baby.
Full Background: I have a ASP.NET website that was originally written for a single thread. Now I changed it so that certain actions will spawn a background thread and the browser polls a service to get status updates.
The problem I am having with this is that certain pieces of data are stored into the HttpContext.Session[] object (membership authentication token, for example). These pieces of data need to be unique to each user and accessible to the background thread. Session is not available to the background thread.
I am aware of HttpRuntime.Cache but that would require micromanagement to segment out the users and to expire it at the same time the session is expired. Session, on the other hand, automatically expires this things at the right times that I want it too and is already used by things like the SqlMembershipProvider.
My question is, is there something that behaves similar to the Session but exists in the global scope?
What would be good/scalable user session alternative in following scenario:
users don't have to have cookies enabled URL query string restriction of 255 characters is imposed lot of GET requests (no hidden form fields)application runs on serveral servers (web farm) some users connect over proxy (same IP) users connect over HTTPS 50 000 concurrent users
I'm trying to track down an issue on an ASP.NET v3.5 application where the HttpSession times out before its (default) 20 minutes. We're seeing behaviour where the session is lost only a few minutes into a session, at random and with no discernible cause such as unhandled exceptions. As far as I can tell, the ASP.NET worker process is not dying, otherwise that would have explained the dropped session.
What approach should I use to monitor when the session is dropped? Is there some event I can listen to, or some other hook in the System.Web namespace? Also, can someone confirm that the countdown to expiration is reset by web activity? That is, the session's lifetime gets reset to the (default) 20 minutes each time the web client makes an HTTP GET or POST?
All we have a global ships position tracking website which runs smoothly until IIS application pool recycles.When there is workerprocess recycling looks like session state expires as a result i loose all session data and when customer clicks refresh button he is redirected to login page.
In web.config Session state mode is set to InProc so i changed it to State Server but to my luck i have MAP object which is not serialiazable which is causing the maps from not appearing on the website.I tried adding serializable attribute to the object class but still not succesfull.Our website is accessed by our customers whose count is more than 1000.
Changing the session state mode from InProc to StateServer can really slow down the response time so Is it good to go further fix the serailizable issues and move to state server?.
Is there any way I can retain my session data when application pool recyles?..
Stopping Application pool from recycling may not be a good idea considering health factor of web server.
I have a web application that was working fine. I had to make minor changes that had nothing to do with the Session object in any way. When I run local everything works fine. When I publish to our testing box it all runs fine. When I publish to production it times out on the Session object. Dozens of other applications on the production server run fine and have no trouble with Session.
I have a ASP.NET website which uses forms authentication. The timeout is twenty minutes.
I have noticed that if a user half completes a form, and is then timed out, they are redirected to the login page, fill it in, and are redirected back to the form but with EMPTY controls.
I had prevously assumed that ASP.NET would use some skulduggery to repopulate the form controls when this happens.
We have an MVC.NET application that encounters fatal errors when it restarts. In our Session_Start event handler, we add the session id to a dictionary. In the Session_End handler, we remove it. Consider the following sequence of requests:
GET home.mvc <application restarts> GET main.css GET banner.jpg GET somedata.mvc ...
Because of the way the application is architected, this sort of sequence happens fairly frequently if you do a rebuild while the application is open in a browser window. That wouldn't be terribly concerning except that I see it in production environments too. For example, it will occur (albeit rarely) when you edit web.config.
The requests following the restart are all due to links in the home page or AJAX calls from JavaScript.
What I observe is that .NET handles the first 5 requests in parallel. Each such request causes it to fire the Session_Start event. After a short time, it fires the Session_End event 3 times. To be clear, each Session_Start corresponds to the exact same session. They all have the same session id and the IsNewSession property is true for all session state objects. Also, the Session_End events do not correspond to the session being killed. The session persists, along with any data stored in session state.
I need to either prevent it from firing Session_Start more than once or figure out how to tell when Session_End doesn't really mean that the session has ended.
My ASP.NET intranet web application uses Windows Authentication, and I would like to record the following details:
1) Windows ID 2) Session Start Time 3) Session Stop Time 4) URL being browsed to (optional)
I've got some basic code setup in "Session_Start" method of the Global.ASAX to log session start times (seen below), but that's it so far. I have the feeling this is a primitive approach and there are "better" ways of doing this. So I really have two questions:
1) Is this the right way to go about doing this? If not what are some other options? 2) If this is the right way, do I just need to drop some code in the "Session_End" method to record the time they exit, and thats a complete solution? Does this method always get called when they close the browser tab they have the site open in, or do they have to close the entire browser (I don't have logout functionality)? Any way users can skip over this session end method (or start for that case)?
Dim connsql As New System.Data.SqlClient.SqlConnection(ConfigurationManager.ConnectionStrings("MyConnectionstring").ConnectionString) Dim cmdsql As System.Data.SqlClient.SqlCommand = connsql.CreateCommand cmdsql.CommandText = "BeginUserSession" cmdsql.CommandType = Data.CommandType.StoredProcedure Try cmdsql.Parameters.Add("@windowsid", System.Data.SqlDbType.VarChar, 30, "windowsid") cmdsql.Parameters("@windowsid").Value = Session("UserInfo").identity.name If connsql.State <> System.Data.ConnectionState.Open Then connsql.Open() cmdsql.ExecuteNonQuery() connsql.Close() Catch ex As Exception Finally If connsql.State <> Data.ConnectionState.Closed Then connsql.Close() End Try
I would like to wrap Session variables in a manner similar to that discussed on CodeProject.
[code]....
Here is my question: if I have to access CurrentUser multiple times in the same page, would I get a performance improvement by assigning it to a local variable instead of accessing the wrapping property? Or does the HttpSessionState make sure the object is only deserialized once per request, so that subsequent calls in the same http request don't cost any more?
My client has an asp.net website that opens a php web page inside an iframe. When the user accesses that page there is a "login" from the php site that shows up. The user logs in and can view that page from the PhP site.
All I need to do is set a session on the asp.net website that lets me determine if the user has logged in. Any way to tell me .net site that the user successfully logged in via the iframe page?
I would like to run a SQL query on the codebehind VB page that will also set a value from that query to a Session variable. Also, this needs to be done on the Page_Load. Example: [Code]....
I have a site that when a user logs in it sets their initials into a session variable and sets the timeout value like so:
[Code]....
I want the user to be logged in for 3 hours. This does not work, the session expires after a short period of time, maybe 20 minutes. What do I need to change to make this page level validation work?I have tried setting in web.config also, but this doesn't work either.
Some while ago I found a web page explaining the default size of a session was 2048 kb, the minimum was 1 kb.How can this be adjusted? And if some one has links regarding the subject I would be a happy camper :)
first off I can't post the code, so I will do my best to try to explain what I am trying to do. I have a repeater with three literals (a member ID, a name, a uservalue) and three hyperlinks. Each of the hyperlinks goes to a different page (obviously).What I am trying to do is when the user clicks on one of the hyperlinks, (doesn't matter which one because the three literals need to be put into session variables regardless) I want the session variables set to the literal values before calling the next page.How do I get the session variables set when the user clicks on one of the hyperlinks?
I'm building a site (it's amazing how much you can do and still not know what you're doing).I have my visitor login from a login.aspx page and, when authenticated are redirected to a Portal page. On that Portal page at pageload I set a Session variable "UserName" using the User.Identity.Name like this:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load If User.Identity.Name <> "" And User.Identity.IsAuthenticated = True Then If Page.IsPostBack = False Then Session("UserName") = User.Identity.Name End If [code]...