Setting Cookie Expiration With ASP Classic To Session Sharing Solution
Jun 25, 2010
I'm implementing the session sharing structure from this link for an ASP classic site to begin the gradual conversion process to ASP.NET. I'm trying to extend the cookie expiration time so that users do not get signed out of the site when the session expires. At the place where the cookie is created in SessionPage.cs I've added the line in the CreateNewSessionCookie() method: cookie.Expires = DateTime.Now.AddDays(14);
Now this works fine, however, it only works if the user first visits an ASP.NET page, and then visits the ASP classic pages. It doesn't work if visiting an ASP classic page first (looking at the cookie through firefox confirms that different expiration values are given based on if I visit an ASP or ASP.NET page first.) I'm still a bit fuzzy on the mechanics behind this implementation as I don't have a complete understanding of session and cookie handling. However, I would have thought that the VB6 SessionMgr object is calling the SessionUtility DLL, and thus is using the same code to issue the cookie. I have re-registered the SessionUtility using gacutil, and re-exposed it using regasm. How else is the cookie being issued when a user accesses an ASP classic page? How can I change the expiration time?
View 1 Replies
Similar Messages:
Mar 25, 2010
Anything I have tried didn't work. Currenly I have following code to change asp.net session cookie expiration date and path, but asp doesn't want to listen to me. I sends same cookie in Set-Cookie header two times sometimes, sometimes it sends it's default cookie ignoring path and expiration date, sometimes it sends everything as expected, and sometimes it doesn't send Set-Cookie at all. What should I do.
My code in Global.asax
protected void Application_PreRequestHandlerExecute(Object sender, EventArgs e)
{
/// only apply session cookie persistence to requests requiring session information
if (Context.Handler is IRequiresSessionState || Context.Handler is IReadOnlySessionState)
{
var sessionState = ConfigurationManager.GetSection("system.web/sessionState") as SessionStateSection;
var cookieName = sessionState != null && !string.IsNullOrEmpty(sessionState.CookieName)
? sessionState.CookieName
: "ASP.NET_SessionId";
var timeout = sessionState != null
? sessionState.Timeout
: TimeSpan.FromMinutes(20);
/// Ensure ASP.NET Session Cookies are accessible throughout the subdomains.
if (Request.Cookies[cookieName] != null && Session != null && Session.SessionID != null)
{
Response.Cookies[cookieName].Value = Session.SessionID;
Response.Cookies[cookieName].Path = Request.ApplicationPath;
Response.Cookies[cookieName].Expires = DateTime.Now.Add(timeout);
}
}
}
View 1 Replies
Jan 19, 2011
I have a .net webapplication with the following domains:
www.domain.com
sub.domain.com
files.domain.com
When a user is logged on to domain.com or sub.domain.com, I'd like them to share session state (i.e. be logged into both domains at once). This is possible to do by setting the domain on the session coookie to be ".domain.com". However, my problem is that the domain "files.domain.com" should not have session state due to security issues (xss attacks from user-made files hosted on that domain is an issue).
Is it possible in ASP.NET to use the same asp.net session id for these two domains, but not the third one?
View 5 Replies
Jan 15, 2011
I want a specific session variable (in my case Session["level"]) to expire either on the normal 20 min. timer or at 19:30 every day. Because I change a value in my database everyday at 19:30 and I want this session variable to be related to that value. Is this possible?
View 1 Replies
Nov 1, 2010
I tried <%= request.cookies("cookiename").expires %> but thats a no go. Tried adding .tostring, no go. what am I to do? Has to be something simple I am missing here.
View 6 Replies
Mar 28, 2011
we have a web based application that let users register, activate their account and then login to use the app...
it is very important that accounts must not be used simultaneously, so if user a is logged in using mynameisA/mypassword, no one else can login at the same time using the same credentials, until he logout.
this was achieved by using a cache mechanism that inserts an entry specific to that user and will keep on refreshing at each request, until the user logouts, where we remove that cache entry. on login, we check whether that cache entry is there in order to allow him in or throw a message saying that the user is already logged in... we use enterprise library 5.0 which we found more reliable than the asp.net cache, and for various other practical reasons.
now, this works fine, but the problem is that it seems like the authentication ticket and cookie doesnt slide properly at each request. so sometimes, users end up logged out because their authentication ticket got expired, and they cannot login again because the cache entry is still there.
here is the code in the sign-in page:
' if user credentials are valid, and other checks and validations...
[Code]....
here is the code that runs on every authenticated request (httpmodule):
[Code]....
and here is the web.config stuff:
[Code]....
we've done all kind of tests including metabase IIS6 monitoring. there is no apppool recycle happening...
checking the authentication cookie in firefox view cookies option shows that on each request, the expiration time of the authentication cookie is not sliding.
View 7 Replies
Jun 16, 2010
For some reason my users are logged out of the system every 10-15 minutes or so...regardless of the configuration below....am I missing something?
[code]....
View 1 Replies
Dec 28, 2010
i'm creating a cookie with an expiration of 12 hours from now. when i run my solution locally and go into C:Users..AppDataLocalMicrosoftWindowsTemporary Internet Files and look at the expires property of my cookie the date and time are correct. However, when I deploy this to our web server and go to the website i notice the cookie that got created for it has an expiration date of 2 years from now, minus a day. So the cookie should be set to expire on 12/29/2010 8:00 PM for example instead shows 12/28/2012 8:00 PM. Here's the code i'm using to create the cookie, pretty basic. And yes, the date on the web server is correct. I really want the cookie to expire in 12 hours, not 2 years.
[Code]....
View 6 Replies
Dec 3, 2010
I am looking for general direction on the best practice here. I have a class that I want to share between two different forms in two projects that are associated. The two forms are in seperate projects but both projects load together as I have added the second project to the first. I also have a class that I want to share between these two projects which will cause me to add another project to this solution with will mean I will have three projects in my solution. My question is how do I best share this class?
I believe the only way to do this is to add the class in the reference in both of the form projects?... Is this correct ? I'd really like to just reference the class and inherit it in the source code without adding it as a reference but I am feeling that I can't do that. I am obviously pressed for time and working on other projects and a I am a experienced coder with only about 1 year of C# experience...
View 4 Replies
May 25, 2010
If MVC application has multiple projects (The solution may grow large in future). These projects may share controllers such as application controller accouts controller and there may also be a situation in which namespace of one project is shared by other project. What is the best way of implementing such solution. One approach may be to use areas.
View 4 Replies
Jul 7, 2010
I have an asp.net solution in which there are two web application projects (client website and admin website) and also a class liabrary project in the same solution . In the live production server, the admin web app is within the client app (eg: client site= [URL] and admin site=[URL]). A class (with static variables) in class liabrary is userd to cache data. My problem is that i cannot get the changes to the static cache by one web project reflected to the other (becoz, i think, they seem to load in seperate appdomains).
View 3 Replies
May 17, 2010
If I want to share cookies among applications, applications need to be in the same domain. In production it is no problem. But I have problem with development. If I run those applications in Visual Studio, it runs application in "localhost" and it is not same domain. I don`t see cookies among applications.
View 1 Replies
Sep 1, 2010
I am using VS2005 and I have a solution file (.SLN) which has 8 projects. I moved the solution file to a different path on a shared folder to have better organization of my projects and to allow access to the solution/projects from any computer on the network. After that, I edited the .SLN file so that the path of the projects in the solution file are correct (all on shared folders).
After that, I opened the .SLN and everything seemd to be working fine. However, I notcied that the "Start Options" of the website part of the solution file is missing the "Start Options", ie, the Start Options are reset to default values. I think also, but not sure, some other settings of the Solution/Projects have been reset.
Questions:
1. Where the Web Site "Start Options" are stored ?
2. How I can maintain the Start Options and similar settings if the .SLN file is moved or opened from different computers on the network ?
3. I am not using an team development tools, only plain (vanilla) VS 2005 Prof. Edition. Is it possible to have 2 or more developers work on the same solution/projects (shared on the network), if both developers will coordinate manually simultanous access to the porject files/resources/source code ?
View 6 Replies
Jan 27, 2010
am a ASP.NET developer using Facebook Developer Toolkit to develop a facebook flash application with flash developer.When the user plays the game for a certain period of time, there are chances that the facebook session expires and I can't call any Facebook API for processing as a result.
View 2 Replies
Jan 5, 2011
I have a scenario in my application that I need to display session expiration time to the user. I set session expiration as 30 minutes in my application, 5 minutes before the session expiration, I need to show message to user that the session is going to expire.
How can I will do this implementation, I am using VS 2010 + MVC 2.0 + JQuery.
View 3 Replies
Jun 24, 2010
I am having an aspx page page1.aspx with a button button1. On click of button1, a modal window popup is displaying using jquery.
The modal popup is displaying another page page2.aspx . I have appended the following line in the load event of all aspx pages to handle the session expiration.So that on expiration of session, it will automaticaly redirect to sessionexpired.aspx page.
Response.AppendHeader(
"Refresh",
Convert.ToString((Session.Timeout * 60) + 10) +
";URL=SessionExpired.aspx");
View 6 Replies
Jan 25, 2011
I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
View 1 Replies
Mar 10, 2010
How i redirect the page to Login page automatically if session Expires .
View 7 Replies
Mar 19, 2011
Is it possible to use mixed cookieless sessions with cookie sessions? I've an application that captured user details and then redirect for payment to an ssl page. I was wondering if this is possible? [URL] redirects to [URL] Note: the session Id in the latter url. So in essence, we use the standard cookie session for the majority of the application but when we transfer to an ssl page we pass the SessionId to the https url to pick up the session. I've tried this locally but it starts a new session.
View 1 Replies
Jun 11, 2010
I have an ASP.NET website for which i've set the authetication timeout to 60 days so that my users don't have to log in each time they come back if they checked the "remember me" option. Basic ASP.NET login mechanism... It's working fine on my developpement server as well as on the visual studio built-in web server. I can close the browser, wait around 30-40 minutes and browse back to the site and be automatically logged in.
However, I've not moved the site to a hosting provider and it seems that whatever I do to my Web.config file, the cookie expires after around 30 minutes (hard to tell the exact amount of time). I have asked the provider's help support and they basically told me: "Web.config file is to configure your website. Please do not change it if you don't know what you are doing"Frustrating answer indeed... be sure, I checked everywhere on the net for exceptions, fine prints, in the basic asp.net authentication but found none.I have access to IIS remote management for my site (IIS 7) but don't really know where to look. Can there be something in the IIS setting that is overriding my web.config authentication setting?
View 1 Replies
Jan 20, 2011
We are migrating an ASP Classic website over to ASP.Net. One of the big hurdles is the large amount of data stored in SessionState by the ASP Classic website.
I am looking for ways that session state can be shared between the two applications. I found the following link from microsoft MSDN that describes how to share session with a shared database. Unfortunately it uses the binary formatter to serialize into the database and I have recently had some bad experiences with said binary serialization.
how to share session state? or alternatives to the binary serialization?
View 3 Replies
May 2, 2010
I'd like to stop IE8 from sharing my sessions in one of two ways (or both if possible):
Through configuring the browser to always do this (so I can force my users to configure their browsers in this way). Through code in my web application.
View 1 Replies
Aug 4, 2010
In pageload, if you do Response.Cookies.Add(..., immediately in the next line, you can access that cookie via Request.Cookies(... I know that under the covers, the cookie is added to Request.Cookies by .net, but the original request never had that cookie.
If what I'm saying is correct, why is it this way? Shouldn't the cookie be available in the following request? Shouldn't the immediate access to Request.Cookies(... be null?
View 1 Replies
Apr 23, 2010
I have an asp.net application and webservices (asmx) that reside in the same application but not in the same folder of the aspx files. I aslo have a winform application that uses the webservices. I have marked the webservice methods with [WebMethod(EnableSession = true)] but I am not able to share the same session values that are on the application in the webservices. The winform application has access to the sessionID from the application and I am using the following code
Uri uri = new Uri(ServerServiceUrl);
_cookieContainer = new CookieContainer();
_cookieContainer.Add(new Cookie("ASP.NET_SessionId", SessionID, "/", uri.Host));
My question is: Is there something that I am missing or doing wrong that I cannot access the application sessioin from the webservices?
View 2 Replies
Jun 17, 2010
we're in the process of trying to speed up the performance of our website by serving static content from a cookieless domain. That seems to be going well, but I have a new question:
I know that it's "static content" that we're talking about when serving it from a cookieless domain, but we also have static content being served by ASPX pages, specifically images. For example:
domain.com/resizeImages.aspx?src=images/image123.jpg&width=400&height=400
How can I serve the resizeImages.aspx image without ASP.NET setting a cookie on my browser? (At present it sets an ASPXANONYMOUS cookie.)
View 1 Replies