TimeOut Session using StateServer

1

I have an application in cluster that I use the Session , to not give problem I put another machine to serve as Session Server and set web.config as follows:

<sessionState mode="StateServer" stateConnectionString="tcpip=[IP]:42424" stateNetworkTimeout="3600" timeout="1440" />

I left the timeout at 1440 min to leave the active session for 1 day, but there are cases that the user enters the system and after min he loses the session, the TimeOut of the SessionState would not serve precisely not to happen that? and how can I detect what is causing the sessions to be lost?

    
asked by anonymous 14.02.2014 / 17:27

1 answer

1

There are several possibilities, I will list the most common:

  • Your server (StateServer) is being restarted and you are saving the sessions in memory
  • Your database storing sessions is being deleted (somebody cleans it) with some frequency
  • The user is using the incognito (anonymous) browsing mode of browsers
  • The user is clearing cookies and sessions manually or the browser is configured to do this when closing
  • User is switching browser (session is not kept between browsers)
  • At some point in your code you can have a Session.Abandon() or lougout
  • In%% of you can put error handlers to catch exceptions that are not being handled and catch some error that may not be being reported or detected.

    Complementation

    The session may be configured differently in the authentication part and in the HTTP part, within its global.asax . I'm gonna explain. See the following example of web.config

    <?xml version="1.0"?>
    <configuration>
        <system.web>
            <sessionState timeout="20" mode="SQLServer" cookieless="false" sqlConnectionString="data source=servidor\SQL2012;user id=user_aspstate;password=aspstate"/>
            <authentication mode="Forms">
                <forms name="MeuAuth" loginUrl="Login.aspx" path="/" timeout="10000" protection="All"/>
            </authentication>
        </system.web>
    </configuration>
    

    Notice that the authentication timeout is 10,000 minutes! The default value for this property is 30 minutes. The sessionState is configured with a timeout of 20 minutes, which is already the default value that .NET places for this property. If the form has a shorter timeout than the sessionState it will happen sooner. And it may be that your web.config has this problem with different values.

        
    17.02.2014 / 22:21