Home » Categories » Multiple Categories

Issue with Storing Session

Sometimes, the session on your website can expire earlier than you expect. The followings are the steps you need to check:

1. In .Net, you cannot use authentication without session. The session ID can be transmitted with client either in a cookie, or in the page url. There is no need to choose between session and cookie, as the cookie actually holds the session id.

2. On the server, session data is stored either in memory (in process or outside process), or in database.

3. The cookie is encrypted using a key called the "machine key". By default, everytime the app pool is recycled, a new machine key is created and the session data that is in memory is lost. On a shared server, this results in the end of a session, since the cookie cannot be decrypted anymore.

The solution: Store a static machine key in the web.config of the web application.

Also, storing the session data in the database instead of memory (in proc) can be useful to preserve sessions.




Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Sample Code to Send email using ASP.NET 2
Viewed 2885 times since Tue, May 1, 2012
I receive this error message: "Directory Listing Denied. This Virtual Directory does not allow contents to be listed."
Viewed 3262 times since Mon, Apr 30, 2012
Sample Code to Send email using ASP.NET1.1
Viewed 2507 times since Tue, May 1, 2012
How do I query MySQL database in ASP.NET?
Viewed 3325 times since Tue, May 1, 2012
How to Solve an Error Message "Validation of viewstate MAC failed"
Viewed 5175 times since Tue, Apr 2, 2013
How do I send an email from my ASP.NET website by using SMTP Authentication?
Viewed 3367 times since Tue, May 1, 2012
How do I query MySQL Database in PHP ?
Viewed 1220 times since Tue, May 1, 2012
My website session times out earlier than expected. Why?
Viewed 2118 times since Tue, May 1, 2012
How can I enable ASP.NET 3.5 on your Control Panel?
Viewed 1941 times since Wed, May 2, 2012