Home » Categories » Multiple Categories |
Issue with Storing Session |
Article Number: 301 | Rating: Unrated | Last Updated: Tue, Mar 24, 2015 at 10:30 PM
|
Sometimes, the session on your website can expire earlier than you expect. The followings are the steps you need to check:
1. In .Net, you cannot use authentication without session. The session ID can be transmitted with client either in a cookie, or in the page url. There is no need to choose between session and cookie, as the cookie actually holds the session id.
2. On the server, session data is stored either in memory (in process or outside process), or in database.
3. The cookie is encrypted using a key called the "machine key". By default, everytime the app pool is recycled, a new machine key is created and the session data that is in memory is lost. On a shared server, this results in the end of a session, since the cookie cannot be decrypted anymore.
The solution: Store a static machine key in the web.config of the web application.
Also, storing the session data in the database instead of memory (in proc) can be useful to preserve sessions.
|
Attachments
There are no attachments for this article.
|
How To Solve Problem with Connection String on EF (Entity Framework) 4 or above
Viewed 31457 times since Mon, Apr 1, 2013
I receive this error message: "Directory Listing Denied. This Virtual Directory does not allow contents to be listed."
Viewed 10291 times since Mon, Apr 30, 2012
How do I query MySQL database in ASP.NET?
Viewed 12251 times since Tue, May 1, 2012
Why do I suddenly receive the error message: "Compiler Error Message: The compiler failed with error code XXXXXXXXX"?
Viewed 16342 times since Wed, Feb 17, 2016
How to Deploy and host .Net Core 2 and Angular 6 app
Viewed 12589 times since Tue, Oct 23, 2018
Do you support ASP.NET MVC 6?
Viewed 4347 times since Wed, Feb 17, 2016
I get an error Server.CreateObject Failed when I try to use CDONTs. What can I do?
Viewed 2659 times since Tue, May 1, 2012
How do I send an email from my ASP.NET website by using SMTP Authentication?
Viewed 6199 times since Tue, May 1, 2012
How to Solve the error: "405 - HTTP verb used to access this page is not allowed"?
Viewed 4755 times since Wed, Oct 24, 2018
I am unable to renew my Let’s Encrypt SSL
Viewed 2086 times since Thu, Aug 23, 2018
|