State Management :: Authentication Cookie Expiration Not Sliding Properly?
Mar 28, 2011
we have a web based application that let users register, activate their account and then login to use the app...
it is very important that accounts must not be used simultaneously, so if user a is logged in using mynameisA/mypassword, no one else can login at the same time using the same credentials, until he logout.
this was achieved by using a cache mechanism that inserts an entry specific to that user and will keep on refreshing at each request, until the user logouts, where we remove that cache entry. on login, we check whether that cache entry is there in order to allow him in or throw a message saying that the user is already logged in... we use enterprise library 5.0 which we found more reliable than the asp.net cache, and for various other practical reasons.
now, this works fine, but the problem is that it seems like the authentication ticket and cookie doesnt slide properly at each request. so sometimes, users end up logged out because their authentication ticket got expired, and they cannot login again because the cache entry is still there.
here is the code in the sign-in page:
' if user credentials are valid, and other checks and validations...
[Code]....
here is the code that runs on every authenticated request (httpmodule):
[Code]....
and here is the web.config stuff:
[Code]....
we've done all kind of tests including metabase IIS6 monitoring. there is no apppool recycle happening...
checking the authentication cookie in firefox view cookies option shows that on each request, the expiration time of the authentication cookie is not sliding.
View 7 Replies
Similar Messages:
Nov 1, 2010
I tried <%= request.cookies("cookiename").expires %> but thats a no go. Tried adding .tostring, no go. what am I to do? Has to be something simple I am missing here.
View 6 Replies
Jun 16, 2010
For some reason my users are logged out of the system every 10-15 minutes or so...regardless of the configuration below....am I missing something?
[code]....
View 1 Replies
Nov 1, 2010
All we have a global ships position tracking website which runs smoothly until IIS application pool recycles.When there is workerprocess recycling looks like session state expires as a result i loose all session data and when customer clicks refresh button he is redirected to login page.
In web.config Session state mode is set to InProc so i changed it to State Server but to my luck i have MAP object which is not serialiazable which is causing the maps from not appearing on the website.I tried adding serializable attribute to the object class but still not succesfull.Our website is accessed by our customers whose count is more than 1000.
Changing the session state mode from InProc to StateServer can really slow down the response time so
Is it good to go further fix the serailizable issues and move to state server?.
Is there any way I can retain my session data when application pool recyles?..
Stopping Application pool from recycling may not be a good idea considering health factor of web server.
View 8 Replies
Sep 8, 2010
I am busy building a shopping cart with cookies. I have datalist which I populate from the cookies with a delete button next to each cookie
[Code]....
Now the problem is that when I hit the delete / remove button to expire the cookie, what happens when repopulating the datalist is that it shows the original cookie with all it's values as well as a new entry where all the values are blank.
View 3 Replies
Jun 8, 2010
1) How/where do I set the lifetime of the session cookie in my web application when using an STS to get claims? From what I can tell, it seems I can only do this programmatically in the erviceConfigurationCreated event.
2) How/where can I make sure that the expiration is sliding?
View 1 Replies
May 10, 2010
I want to change the value in a cookie:
HttpCookie hc = new HttpCookie("HiddenColumns");
hc.Value = customView.HiddenFields;
hc.Expires = DateTime.Now.AddDays(365);
Response.SetCookie(hc);
Or this way:
Response.Cookies["HiddenColumns"].Value = customView.HiddenFields;;
Response.Cookies["HiddenColumns"].Expires = DateTime.Now.AddDays(365);
But when I retrieve the cookie value, it is still old, unless I do postback. I don't want to use Redirect.
View 2 Replies
Mar 5, 2011
I know that when declaring a page method in ASP.NET, I can specify a CacheDuration like so:
[WebMethod(CacheDuration=60)]
public static void Foo()
{
But from what I understand, CacheDuration only supports absolute expiration. I want to have sliding expiration. So that leads me to believe that I need to access the System.Web.Caching.Cache object somehow. But, since page methods are static, and this is essentially a standalone web service, I'm not sure how to access it statically. The only ways I have seen on Google rely on getting it from the HttpContext. But, there is no HttpContext available to me here, right?Or, do I need to use the System.Runtime.Caching.MemoryCache to do my own caching?
View 1 Replies
Jan 21, 2011
I'm using the following line of code to display the number of users currently logged on:
lblNoOfUsers.Text = Membership.GetNumberOfUsersOnline().ToString()
I'm still debugging my application so it's on the local server. As I debug and stop then debug again, eventually lblNoOfUsers.text turns to "0" instead of "1", even as I'm navigating my application. It only turns to "1" again if I log out and sign back in. It's almost as though Membership.GetNumberOfUsersOnline my login are referencing two different session states. How is this possible? Does asp.net create a new session state cookie each time I start debugging?
View 2 Replies
Jul 6, 2010
i have trouble about cookie path: I use VS 2005, code as:
HttpCookie aCookie = new HttpCookie("lastVisit");
aCookie.Value = DateTime.Now.ToString();
aCookie.Expires = DateTime.Now.AddSeconds(30);
aCookie.Path = "/TestCookie";
Response.Cookies.Add(aCookie);
Seem that , i can't get value cookie,although my variable on page which inside TestCookie folder I try get cookie other pages which outside TestCookie folder ! Result is like before attempts.
View 4 Replies
Feb 13, 2011
We are using asp.net and 3.5 framework. I have a process that sets the value of a cookie named "mystaffid" in the Default.aspx code behind page. This holds the unique ID of the internal user (intranet). Now when I leave one of the web pages to go to another page in the same website I am getting the error "Input string was not in a correct format. " on the 3rd line below. how the cookie disappears? Also, this is happening in the Page_Load of the master page and I am doing the exact same thing in other pages with the same master page and not getting the error. The cookie is set to expire in 1 day when it is set in Default.aspx.
Dim intStaffID As Int32 = 0
If Not Request.Cookies("mystaffid") Is Nothing Then
intStaffID = Convert.ToInt32(Request.Cookies("mystaffid").Value)
End If
View 2 Replies
Oct 22, 2010
We have a local homepage, which connect to our production security environment. When I need to test my site in test environment, I need to get fresh cookie (not the one that was sent to me via production security service, when I opened IE with local homepage).
I am getting fresh cookie fine in Mozilla; but in IE I always have production cookie, and this disables my testing. What I should fix here?
View 4 Replies
Apr 10, 2010
I'm using session to store C# object but my session is expiring regularly.
I've given 540 minutes for session timeout. ( <sessionState mode="InProc" timeout="540"/>)
Now I want to use cookie instead of session to remove this timeout problem.
code below:
[code].....
View 17 Replies
Jun 3, 2010
I want to make a cookie that contains a list and then i want to be able to get the information from the list by entering the list items specific key value. I quickly made a test application to see if it works or not and the code that im posting below is Not working
[Code]....
View 7 Replies
Feb 28, 2011
Very new to ASP.NET and C# (somewhat knowledgable in PHP) I have an ASP.NET web application and need to manage access to pages based on a 'status' stored in a cookie. I would like to use the following code to create the cookie in a login method.
HttpCookie cookie = new HttpCookie("UserCookie");
cookie.Value = "status"; <-- this will be replaced with a variable once its working
cookie.Expires = DateTime.Now.AddHours(1);
Response.SetCookie(cookie);
My problem is that the only place I can put this code where it works is in the global.asax Session_Start method. It simply doesn't work anywhere else. I am checking the cookie creation in firefox options and see the ASP.NET_SessionId created but nothing else (This is all running on localhost).
Is the session status somehow interfering with the cookie creation? Do I need to configure something in Web.config? It would appear that the only time I can create a cookie is on Session_Start. Does anyone have any tips, perhaps I am missing something simple?
View 6 Replies
May 4, 2010
I am developing a asp.net 3.5 web site. Cookie is used to store username when site user logins in the site.This works well on my local computer when I'm debugging it with Visual Studio.But when I publish the site and upload it to the server, cookie could not store username.
My code is as below:
//Write COOKIES
HttpCookie loginState = new HttpCookie("loginState",email);
Response.Cookies.Add(loginState);[code]....
View 8 Replies
Dec 22, 2010
I have a website of online games and I try to count and show the number of the uniqe visitor per game page, by using Cookies only. (if someone visit after 24hr it will be uniqe visitor too)
the problems is:sometimes (I don't know why), not always, it's update the counter colomn of the game, +2 instead +1, and I don't know why, there isn't any "for loop" etc.. maybe is't because the url rewrite? but it work fine if people enter again the colomn will not update again, the problem is that is update +2 instead +1 (see the code at the bottom)this is my algorithm (something is wrong in this algorithm so don't use it):
1. put the query string in variable (the name of the game) - i'm using url rewite.
2. use this variable for select the game Name (and another information) from the database (and for the cookie I will use the game name from the database and not from the query string to avoid from capital letter problems, because cappital letter for the first word isn't good because words like of, to etc..).
3. for each pageload (there isn't postback in the game page) check if the cookie of the uniqe game exists
4. if not exists, create a cookie for the unique game (the name of the cookie and the his value will be same, because I don't care about it, it's only for check if the cookie exist, and I can't use one cookie for all the games because each time visitor enter the cookie will create for 1 day).
4. after this creation of the cookie try to find if the cookie exist (for cheaking if the user didn't disable the option for cookies)
5. if yes update the database column of the spesific game
the code:
In the end of the page_load - (the GameName is the virable of the name of the game from the database and not from the qury string).
[Code]....
and the update function
[Code]....
View 4 Replies
Apr 8, 2010
I want to see the asp.net_sessionid cookie on my IE browser. Where can I find it ?
View 8 Replies
Nov 9, 2010
Our app uses session to keep track of users. We stuff their user id into session on logon. If the browser cache is cleared any refresh to the page is done then the user will see the log out sign - as the app cant get theuser id from session as the aspnet_session cookie wont be present in the request.Firefox works correctly but when I clear the cache on i.e. the session is maintained. The session ID's are the same for multiple requests.how I can debug the app to see what cookies its getting. How do I look at the actual cookie that is passed to .net?
View 2 Replies
Apr 1, 2010
I had an xml-serialization which worked fine, but as I have just knew it doesn't work in Opera browser. I think, it's security rules don't allow to write to cookies xml-content.What can I do? Can I use binary serialization or something else?
View 2 Replies
Aug 5, 2010
Can we read cookies value in another page accept where we created it.
If yes can you show me how?
if((!string.IsNullOrEmpty(Request.QueryString["c"]))
{
HttpCookie cookieCode =
new
HttpCookie("CountryCode",
Request.QueryString["c"]);
Response.Cookies.Add(cookieCode);
}
I have already created cookie,now I need to read it in other page
View 1 Replies
Dec 15, 2010
I would like to change ASP.NET session cookie name "ASP.NET_Sessionid" to some other name. I specified <sessionState cookieName="MyCookieName" />. When I use fiddler to view response header, I can see "MyCookieName" with random generated number under cookie section, however, ASP.NET_SessionId also exist there.
View 2 Replies
Oct 27, 2010
I want in Session_Start method check if cookie with specific key exists and if not create cookie with this key.
if (HttpContext.Current.Request.Cookies[key] == null)
{
SetCookie();
}
But in Session_Start it is always NULL. If check it in another place I get cookie's value.
Why is it always NULL in Session_Start?
View 9 Replies
Aug 28, 2010
I use cookie to change the language of my website.
When I click a LinkButton to change the language for first time it works but the other button doesn't work to change the language . I should delete cookie to change the language.
<asp:LinkButton ID="LinkButtonEn" runat="server" CommandArgument="en-US" OnCommand="LnkLang_Command" Text="English"></asp:LinkButton>
protected void LnkLang_Command(object sender, CommandEventArgs e)
{
Response.Cookies["mylang"].Value = "";
Response.Cookies["mylang"].Value = e.CommandArgument.ToString();
Response.Redirect("~/Default.aspx");
}
View 3 Replies
Mar 31, 2010
How to encrypt and decrypt cookie name and values?
View 3 Replies