i am having problems with an asp.net c# site whereby i am setting a session state object to true and then redirecting to another page that needs to check the value of the session state object and it is null.
Sometimes it is set correctly and other times is is simply null.
When i debug on my local machine it works perfectly every time. Only when i upload to my web server does this temperamental behaviour happen.
As it is based around the security of the site it is obviously important that the session data be valid and accurate every time.
Is session state data unreliable?
AFAIK its set to inproc, cookieless, 30 min timeout, vanilla installation of IIS.
Does anyone have any suggestions? Perhaps i need to thread.sleep inbetween the storing of the session data and the reading?
NB: the time between the write and the read is about 70ms.. ample time for the data to be written to RAM.....
My session variables don't get saved if the SessionState mode in the web.config file is set to StateServer. But when I changed it to InProc, then everything is fine and good. I'm trying to save a custom built object (or class) into the session after the user logs in.
i'm interested to do the following - i geuss, i have no option to do that:
we have our "mainapplication" on a DB; we are tracking user-login status by switching a bit in the DB in the users data row.
we hvae a second application, the backend, which is the administration tool.
(the applications are put in seperate diretories on HD)
sometimes, we need to block/ban users. in some cases the users are logged in, when we "see them in action".
i'd like to build a button in the backend-application, which logss-out the user from the mainapplication.
for sure: i can access the same DB and switch the bit to "know" he's offline, but this will not kill the session on the mainapplication.
because: if a user is on/offline is also indicated by the session in the IIS. and as the IIS-session is active, the user may be already banned - but he will not be logged out automatically (and showing something like "you have been logged out because of a ban) one option would be to call the DB by each page-load to find out, if the user is logged on.
What would be the best way to detect if the SessionState has died in order to send the user to a "Session Expired" page? I've successfully configured the app (in Web.config) to do this when the authentication cookie is gone (there's a setting for that), but so far I haven't found an effective way to do something similar when the SessionState is gone. The app in question holds some data in the Session, and should present the user with a "Session Expired - login again" page if any of them is gone.
So far, the only option I can think of doing it in each of the places I access Session, but this is obviously a less than optimal solution.
I'm managing a rather large project, written in asp.net webforms + mvc3, with a large user base, and a pretty high daily visitor count. Basically, there are a lot of requests at any given moment.
One of my controllers in MVC that handles / resizes images on the fly has the following attribute applied to it:
Now, if an action in the controller tries to access the session - it obviously throws an exception - so we're good so far. The problem is: if I go to the IIS Worker Processes window (Win Server 2008 R2, IIS 7.5), and check the current requests for this site, I can sometimes see the requests to an action in this controller. Their current state is locked in State: RequestAcquireState, Module Name: Session. Sometimes these locks go over a second or two in this state.
Wasn't the whole point of the attribute in the first place to make the requests to the controller ignore the state, and not waste time (and possibly being locked) trying to acquire the state? If this is so - am I doing something wrong here, or does the problem lie elsewhere?
From my understanding, the asp.net 1.1 application will login the user then store the information to a session and a cookie? I'm trying to access that cookie with a asp.net 2.0 application. Is this possible?
I'm thinking the mode would need to change to maybe StateServer or Sql.
I have been thinking of ways to optimize the out of state storage of sessions within SQL server and a few I ran across are:
Disable session state on pages that do not require the session. Also, use read-only on pages that are not writing to the session.
In ASP.NET 4.0 use gzip compression option.
Try to keep the amount of data stored in the session to a minimum.
Right now, I have a single object (a class called SessionObject) stored in the session. The good news is, is that it is completely serializable.
Optimizing using protobuf-net An additional way I thought might be a good way to optimize the storage of sessions would be to use protocol buffers (protobuf-net) serialization/deserialization instead of the standard BinaryFormatter. I understand I could have all of my objects inherit ISerializable, but I'd like to not create DTO's or clutter up my Domain layer with serialize/deserialize logic.
I am trying to config my application to use out-of-process sessionState.
<sessionstate mode="stateserver" cookieless="false" timeout="20" sqlconnectionstring="data source=127.0.0.1;user id=<user id>;password=<password>" server="127.0.0.1" port="42424" />In my web.config I get errors for the server and port attributes, telling me that server attribute is not allowed and port attribute is not allowed.
which before I changed sessionState to "InProc" worked as supposed to: menu item "Administrator" appeared as a menu choice only when user had logged in with admin rights. Now this menu choice is present for every user.
I'm completely stuck with this version 188.8.131.52 product.
I'm running in a domain environment but for the specific application i'm using I want to disable security to reduce the workload on the servers when accessing the cache.
I've got a bunch of web servers with an existing application using SQL sessions state, and the idea was to roll out AppFabric and use the session state provider and a fast solution to speed things up. Currently have a single separate server running appFabric Host.
All Servers are on the same domain.
I've got AppFabric Running using this mode on the host
Set-CacheClusterSecurity -ProtectionLevel EncryptAndSign -SecurityMode Transport
Local App Pool on the web servers is using NETWORK SERVICE account, and i've grantedthe machine accounts permissions and it all works fine.
ErrorCode:SubStatus:There is a temporary failure. Please retry later. (One or more specified Cache servers are unavailable, which could be caused by busy network or servers. Ensure that security permission has been granted for this client account on the cluster and that the AppFabric Caching Service is allowed through the firewall on all cache hosts. Retry later.)
My assumption is that the client (session state provider), is set by default to use security and need to be set not too, but can't find any doco on how to change this, or i could be barking up the wrong tree.
We have a webfarm using a SQL Server 2000 database to store our session state.
On the same SQL server are our databases for the rest of the websites. The databases are separate but on the same server.
Recently I found that one of our developers is using the session very inefficiently. He is storing large datatables within the session for users when he could accomplish the same thing through other methods.
Can this inefficient use of the session state (when stored in SQL Server) affect the performance of our main database when they are on the same server?
The answer seems to be yes, to some degree. However, I cannot find any documentation to back me up.
I am performing my first steps with ASP.NET for my employment.Yesterday I tried to perform saving a value to a sessionstate variable, but it does not work.I am using C# and want to code in .NET 3.5. [Code]....
The click performs a postback to a second website where the value is to be displayed on a simple label.The value I initialized in the Global.asax is saved to the variable and then read on the second page, but I cannot manipulate it using the textbox and the button on the first page. I just don't get it...I even tried on different machines and different VS editions.
I'm building a site using the .NET 4 framework using routing and MasterPages.
Because I'm using both routing and MasterPages, I can't see any way how to get value from control on the previous page. To solve this I've used the code behind to store the control's value in a session variable. Is there a way to retrieve a value from a control using PreviousPage or something when using Routing and MasterPages?
This works fine in VWD debug mode and in IIS 5.1, but when I try to deploy it on my Windows Server 2008 (IIS7.5) machine, it get this error:
Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. also make sure that System.Web.SessionStateModule or a custom session state module is included in the <configuration><system.web><httpModules> section in the application configuration.
i have formview which i populate with some data that coming i store inside class, inside the form view there are two textbox controls that are "hardcoded" inside the FV markup and an ASP Table:
its all work fine, but once i press on the update button inside the formview the page get reloaded with the two "hardcoded" controls that in the markup but all the controls that i added during run-time are no longer there!
i can see them in the form collection but they not visible in the page.
I have an aspx page that loads a static graphic and put session strings in it. I used Image1.Save(Server.MapPath("gen_img2.jpg"), ImageFormat.Jpeg), but it's not saved on the server. I thought this was a user permission problem, so I assigned the ASPNET account write permission to the folder, and it still doesn't work. Did I use the wrong account? I use winserver 2003 and IIS 6.