C# - Changing Expiry On Session State Cookie
Jun 9, 2010
I'm using ASP.NET Session State to keep track of logged in users on my site. However, one problem I'm running into is that by default ASP.NET session cookies are set to expire when the browser closes. I've tried setting my own ASP.NET_SessionId cookie and modifying the cookie's expiry using something similar to the following code:
Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(1);
None of these approaches work, they all set a second cookie with the same name. Is there a way of changing the session cookie's expiry?
View 3 Replies
Similar Messages:
Dec 25, 2010
how to set the cookie expiry time towards 20mins from the last request.
View 2 Replies
Aug 20, 2010
is there any way to find out the reason for session expiry?
View 7 Replies
Feb 16, 2010
I am creating a content management system but there is one problem. What I want to do in my website is that when a user opens the website a new sessionid is created for that user, and when the user closes the website, the sessionid is cleared. How can I can do it?
View 3 Replies
Jan 30, 2011
The a way to save an object in session with expiry time , such as when you're saving object in cache.
View 12 Replies
Jan 21, 2011
I'm using the following line of code to display the number of users currently logged on:
lblNoOfUsers.Text = Membership.GetNumberOfUsersOnline().ToString()
I'm still debugging my application so it's on the local server. As I debug and stop then debug again, eventually lblNoOfUsers.text turns to "0" instead of "1", even as I'm navigating my application. It only turns to "1" again if I log out and sign back in. It's almost as though Membership.GetNumberOfUsersOnline my login are referencing two different session states. How is this possible? Does asp.net create a new session state cookie each time I start debugging?
View 2 Replies
Jan 25, 2011
I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
View 1 Replies
Jan 10, 2011
The problem is when am assigning my session table value to newly created table and if now am changing any coloumn name then the session table value also changing.
But my question is am assigning Session value to newly created table so how should session value should be affected?
for refference in my application
sessionState
mode="InProc"
View 5 Replies
Nov 15, 2010
Using ASP.NET 2.0, with forms authentication.
Just for a test, I configured the roles cookie in web.config like this :
<roleManager enabled="true" cacheRolesInCookie="true" cookieName=".ASPXROLES" cookieTimeout="2"></roleManager>
I wanted to see what would happen when the cached role cookie expired. Using Fiddler, after 2 minutes had elapsed, I could see that the raw value of the role cookie had changed.
I was expecting that on expiry, that ASP.NET would simply re-read the roles information from the database, and repopulate the cookie with the same value. So my question is, why would the raw value of the cookie change after expiry ? The cookie value is not human-readable (base 64 encoded and/or encrypted ?), so I can't tell if the information in it is the same, although the application still seems to work fine.
EDIT :
It looks like each time the roles are encrypted and cached in the cookie, it gets a different raw value.
e.g. if you run the following code :
RolePrincipal rp = (RolePrincipal) User;
string str = rp.ToEncryptedTicket();
Label1.Text = str;
View 1 Replies
Oct 22, 2010
We have a local homepage, which connect to our production security environment. When I need to test my site in test environment, I need to get fresh cookie (not the one that was sent to me via production security service, when I opened IE with local homepage).
I am getting fresh cookie fine in Mozilla; but in IE I always have production cookie, and this disables my testing. What I should fix here?
View 4 Replies
Dec 15, 2010
I would like to change ASP.NET session cookie name "ASP.NET_Sessionid" to some other name. I specified <sessionState cookieName="MyCookieName" />. When I use fiddler to view response header, I can see "MyCookieName" with random generated number under cookie section, however, ASP.NET_SessionId also exist there.
View 2 Replies
May 21, 2010
I have a website for a simple game. When people sign in their Player ID is stored in a Session variable. I have integrated SMS payments so that my players can buy credits to use to play. This is where the problems start:
To buy credits, players are presented with an .aspx page that holds an IFRAME of the SMS payment proviers form. A code is entered, and the IFRAME POSTS to a URL on the providers server. It is then redirected back to an URL on my server(www.XXX.com/process.aspx), where I handle the results (i.e adds credits to th players account if the payment was successfull).
However, the session dies on return.
I tried with cookies, and saves the player ID in a cookie, but when upon return to www.XXX.com/process.aspx I cannot read the cookie? I'm checking for if (cookie == null) and it evaluates to TRUE, so the player is redirected to an error page.
How come the cookie cant be read? Is it because the POST is coming from an outside URL? And, what about when I do it with a session variable? Same thing there?
View 2 Replies
Feb 21, 2011
If I have two "webroles" (azure), that are NOT using a shared custom state provider, is the "Session.SessionID" be the same in both?It would make sense ,considering that both get the same cookie (because are in the same domain) and have the same machineKey, but I'm not sure
View 3 Replies
May 17, 2010
We have a web app running .net 1.1 that users must login to access (uses FormsAuthentication). At one point, the user submits a form that is handled by a separate web app on the same website but in a different directory (running .net 2.0 and not requiring authentication). When the user submits the form and is redirected to this other page they have some options including returning to the previous web app.
We need our users to stay logged in to the first web app so they do not have to log in again when returning. This works fine on 3 out of four computers, but the fourth computer is asked to log in when they hit the return button (by reviewing the active cookies we see that when it returns to the original web app, the FormsAuthentication cookie is missing)
why this cookie would disappear on one machine but not the others? I am going through IE settings now but the machine has the problem in IE and Chrome (not sure if this would be a shared setting) If it is an IE setting is there a way to make this work without requiring the user to change their settings and without switching to cookieless sessions?
Here is the authentication part of web.config
[Code]....
And if it makes a difference, the redirect and form action property use a the full path, would using a relative path likely change anything?
View 2 Replies
Jan 10, 2011
(i) I have a simple application where I am getting data from a textbox and storing it in a cookie. I noticed that unless I set the Autopostback value of the textbox to TRUE, nothing is stored. Does anyone know why this is the case?
The code I am using are as follows:
[Code]....
View 4 Replies
Sep 8, 2010
I am busy building a shopping cart with cookies. I have datalist which I populate from the cookies with a delete button next to each cookie
[Code]....
Now the problem is that when I hit the delete / remove button to expire the cookie, what happens when repopulating the datalist is that it shows the original cookie with all it's values as well as a new entry where all the values are blank.
View 3 Replies
Feb 20, 2010
I need to create a user login/logout/Session expiry tracking page(ASP.Net).. It is obvious that I can invoke my tracking page when user logs in and logs out.. How do I detect session expirey?
View 3 Replies
Nov 26, 2010
I have added a list to the cache with an expiry date, however the expiry date doesnt work, im not sure how long the cached item lasts but its no more than a day.
[Code]....
View 5 Replies
May 10, 2010
I want to change the value in a cookie:
HttpCookie hc = new HttpCookie("HiddenColumns");
hc.Value = customView.HiddenFields;
hc.Expires = DateTime.Now.AddDays(365);
Response.SetCookie(hc);
Or this way:
Response.Cookies["HiddenColumns"].Value = customView.HiddenFields;;
Response.Cookies["HiddenColumns"].Expires = DateTime.Now.AddDays(365);
But when I retrieve the cookie value, it is still old, unless I do postback. I don't want to use Redirect.
View 2 Replies
Sep 30, 2010
I want to be able to log when a user ends their session on our application and record whether it was a sign out or a the session expired. I am using
cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
to set a new sessionId on sign out, but when the session expires, the sessionId is reused if the browser instance is not closed. In my web.config I have used
<sessionState mode="InProc" timeout="1" cookieName="session" regenerateExpiredSessionId="true" />
but still get sessions reused. I can't kill the cookie in Session_end() because I don't have access because there is no HttpContext or request, so I can't reset it that way. how I can force a new sessionId from the Global.asax.cs file?
View 2 Replies
Dec 7, 2010
Have not run the ASP.NET Development Server for a while. Today I copied a production website to my workstation and ran it with VS 2008. The following error message popped up. What is the problem with the ASP.NET development Server on my workstation? The website on the Production server still ran okay.Unable to make the session state request to the session state server. Please ensure that the ASP.NET State service is started and that the client and server ports are the same. If the server is on a remote machine, please ensure that it accepts remote requests by checking the value of KEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesaspnet_stateParametersAllowRemoteConnection.
If the server is on the local machine, and if the before mentioned registry value does not exist or is set to 0, then the state server connection string must use either 'localhost' or '127.0.0.1' as the server name.
View 2 Replies
Mar 19, 2011
Is it possible to use mixed cookieless sessions with cookie sessions? I've an application that captured user details and then redirect for payment to an ssl page. I was wondering if this is possible? [URL] redirects to [URL] Note: the session Id in the latter url. So in essence, we use the standard cookie session for the majority of the application but when we transfer to an ssl page we pass the SessionId to the https url to pick up the session. I've tried this locally but it starts a new session.
View 1 Replies
Nov 18, 2010
I read the solutioin for this error, at the following link :http://forums.asp.net/p/1046935/1576341.aspxbut I am still not clear what exactly causes the error. I have two doubts :1. Can anyone please elaborate a bit on this issue, with any example ????2. Is there any drawback of this approach ?
View 4 Replies
Feb 16, 2010
In ASP.NET, I'm a bit confused about role of cookies in session state. Whats is the difference between normal session state and cookieless session state?
View 5 Replies
Jan 21, 2010
I am having a problem with security in a web application I am building using Visual Web Developer 2008. I am using Forms Authentication:
<authentication mode="Forms">
<forms name=".MYAUTH" timeout="20" enableCrossAppRedirects="true" />
</authentication>
And a SQL Server database with ASP.NET Membership and Roles. I am using the LoginView control with the AnonymousTemplate and LoggedInTemplate to manage the user's interaction with logging in and out. The problem I am having is that I am authenticating the user against the database:
If Membership.ValidateUser(_userName, _txtLoginPass.Text)
Then returns True and:
FormsAuthentication.SetAuthCookie(_userName, False)
sets the cookie correctly:
FormsAuthentication.Decrypt(FormsAuthentication.GetAuthCookie(_userName, False).Values(0))
{System.Web.Security.FormsAuthenticationTicket} CookiePath: "/"
Expiration: #1/21/2010 1:42:27 PM#
Expired: False
IsPersistent: False
IssueDate: #1/21/2010 1:22:27 PM#
Name: "jaymo "
UserData: ""
Version: 2
but when I check
HttpContext.Current.User.Identity.IsAuthenticated it always returns False.
If done this before and it worked fine. I cannot find any mistake I might have made or where something might have changed between ASP.NET 2.0 and 3.5.
View 2 Replies
