3

I have a page (View), which sends AJAX queries in some intervals. User can work with this page very long time. But session expired in about 40-60 minutes. So AJAX-requests don't return usefull information.

My Web.config

<system.web>
  <sessionState
      timeout="259200"
      cookieName="SunTest.SessionId"
      regenerateExpiredSessionId="true"
      sqlCommandTimeout="200"
      stateNetworkTimeout="200">
  </sessionState>
<roleManager enabled="true" defaultProvider="SqlProvider" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="259200" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
  <providers>
    <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlServices" applicationName="/" />
  </providers>
</roleManager>
<authentication mode="Forms">
  <forms loginUrl="~" timeout="259200" protection="All" />
</authentication>

I've changed my web.config

<appSettings>
    <add key="enableSimpleMembership" value="false" />
    <add key="autoFormsAuthentication" value="false" />
</appSettings>
<system.web>
  <sessionState 
      mode="SQLServer"
      allowCustomSqlDatabase="true"
      sqlConnectionString="Data Source=servername;Initial Catalog=dbname;User ID=username;Password=password"
      timeout="259200"
      cookieName="SunTest.SessionId"
      regenerateExpiredSessionId="true"
      sqlCommandTimeout="200"
      stateNetworkTimeout="200">
  </sessionState>
<roleManager createPersistentCookie="true" enabled="true" defaultProvider="SqlProvider" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="259200" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
  <providers>
    <add name="SqlProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlServices" applicationName="/" />
  </providers>
</roleManager>
<authentication mode="Forms">
  <forms domain="help2b-2.hosting.parking.ru" name="ASPXFORMSAUTH" path="/" loginUrl="~" slidingExpiration="true" cookieless="UseCookies" timeout="259200" requireSSL="false" />
</authentication>

It makes these cookies: Google Chrome screenshot

So, there are 3 cookies:

  • SunTest.SessionId. 301 byte. Expires - Session.

  • ASPXFORMSAUTH. 301 byte. Expires - Session.

  • .ASPROLES. 565 byte. Expires - Tue, 10 Jul 2012 04:14:48 GMT

But after several minutes (something about 30-40), it deletes the .ASPROLES cookie. The user is signed out. So, AJAX queries don't work.

What is wrong with this config?

Mot
  • 28,248
  • 23
  • 84
  • 121
Sir Hally
  • 2,318
  • 3
  • 31
  • 48

4 Answers4

5

Are all your users losing session state at the same time? If so, your app pool could be recycling. There are several reasons why this can happen.

I would recommend you consider setting up your user session management so that it is able to survive application and session restarts. Here are some options.

2

Had the same problem, added the below two appSettings:

 <add key="enableSimpleMembership" value="false" />
 <add key="autoFormsAuthentication" value="false" />

My Forms:

<forms name="ASPXFORMSAUTH" path="/" domain="something.com" loginUrl="~/Account/LogOn" cookieless="UseCookies" slidingExpiration="true" timeout="1441" requireSSL="false" />

works well now!

Sparkle
  • 2,459
  • 3
  • 18
  • 20
0

A lot of the stated goals of MVC were to move to a stateless model - how much application change can you make to move to a stateless model? If you were to add some identifying information to your ajax calls and make them stateless, using session state wouldn't be a dependency (over simplified, of course - I have no idea what your app is doing).

How are you creating your form tag?

jpda
  • 738
  • 5
  • 16
0

Are you using IIS 7? In case take a look at:

Application pool’s Idle Time-out(minutes)

Session state – State server’s Time-out (seconds)

Community
  • 1
  • 1
Be.St.
  • 4,101
  • 3
  • 25
  • 35