Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Dec 18, 2012 09:38 AM by suryakant4it
Nov 12, 2012 04:54 AM|LINK
I have devloped a asp.net web site using asp.net 4.0.when i deploye it on iis server then it running proper.but when we deploye it on third party windows hosting server then session expirex very quikly.i increase session timeout in server settion 20 to 60
min. update web config session timeout 20 to 60 but problem as it is.my web config is here.please help.it is urgent.my client frastated due to relogin relogin--
For more information on how to configure your ASP.NET application, please visit
<add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"
<add name="S_dataConnectionString" connectionString="Data Source=.;Initial Catalog=xyz;Persist Security Info=True;User ID=sa;Password=abc"
<compilation debug="true" targetFramework="4.0"/>
<forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/>
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/>
Nov 12, 2012 05:10 AM|LINK
You should increase the application pool timeout. Most
shared ASP.NET hosting keep this value low to save the server resources. In this case you have 2 options, to ask the hostsing company to increase the value, or to get more advance hosting solution as
Windows VPS hosting.
Nov 12, 2012 06:49 AM|LINK
after 5 minute when i am refresh my page the object refrence not found error show.after relogin this error remove.what is solutionany idea ..
Nov 12, 2012 06:41 PM|LINK
You need to store your session state out of process:
Nov 13, 2012 07:39 PM|LINK
There are three timeouts to be aware of (or that I've discovered):
1. Session State
This timeout expires your User's Login Session (defined in the App's web.config <sessionState> section).
It only works with an Application Pool (w3wp.exe) set to use a single worker process (via the Application Pool Advanced Settings within the IIS Manager on the Server).
2. Auth Ticket
The timeout before another request is passed. This can expire the login without expiring the user session (e.g. shopping cart on the server side).
This must be defined to be less than the Session State Expiration (defined also in the App's web.config <forms> section shown in your example above).
3. Auth Cookie
This holds the Auth Ticket (unless you go cookieless). Otherwise, this can expire too and it's hard to visually see all of this without alot of trial and error troubleshooting.
This should get you through the expiration. Handing Auth Ticket "Sliding Expiration" is a little different and I've had to handle this myself rather than rely on the server to automatically do it. It's weird too, the Sliding Expiration will not advance
until 50% of the timeout period has passed, but will increment everytime thereafter. I make sure to reset the Expiration on both Auth Ticket and Auth Cookie manually to guarantee the sliding after requests complete and responses return.
Nov 13, 2012 09:31 PM|LINK
my client frastated due to relogin relogin--
When using Forms Authentication, it has nothing to do with Session Timeout because Forms Authenticaton is unsing Cookies and has nothing to do with Session.
Most likely your application pool recycles frequently. This is a very common issue on shared hosted environments. When the applicaton pool recycles, and you're using session state mode InProc (the dafault), all sessions are lost. But that doesn't affect
your authentication, as I said before.
But if you didn't specify a machinekey in your web.config, authenticaton cookies can become invalid also. This is because this key is used to encrypt and decrypt the authentication cookie. If you didn't specify a machinekey, ASP.NET will generate one for
you. But sometimes (I'm not sure when because this isn't very wel documented in MSDN), when the application pool recycles, ASP.NET will generate a new key (MSDN says that it will generate the same key everytime but this is not always the case). When this happens,
authenticaton cookies encrypted using the previous key cannot be decrypted using the new key, so the cookie isn't valid anymore. To overcome this problem, add a machinekey to web.config, so the same key is used each and every time
Note that this doesn't solve the Session to expire frequently. When you'rs using Session as well, you better choose another SessionState mode, not the default option "InProc"
Dec 18, 2012 09:38 AM|LINK
Thanks alot.I configure machine key.Now working properly.This is perfect solution