Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post May 15, 2012 07:11 AM by FightAsABull
May 11, 2012 06:51 PM|LINK
We have an ASP.NET 4.0 application that is using forms authentication and state server for session state. We also have an ASP.NET 1.1 application hosted on the same server that is configured to use forms authentication and the state service. Both application
are configured to use the same cookie for holding the session id.
The 4.0 application loads a mixture of 4.0 and 1.1 pages into an iframe. The outer shell of the application is the 4.0 application i.e. it manages the header with menus and a left slide out page that allows further access to 1.1/4.0 pages within the application.
Our problems began after we deployed 3 servers hosting the application using round robin dns for load balancing and users started experiencing sessions ending at variable times resulting in data loss from pages that had not been posted back.
Is sharing the same cookie for session id between the two application a problem? Should we configure the state service to use a different cookie for the 1.1 and 4.0 applications on each server.
We are using the state server on each of the servers to manage the state for users connecting to that machine.
We have session state set to timeout after 120 minutes (a fairly long time) in most instances the session is timing out before 2 hours have ellapsed.
Additionally we have 2 iframes in the header of the site that are updated each with a 1.1 and 4.0 page in order to keep each session alive if the user is on an input screen.
The servers are running windows 2008 r2.
May 14, 2012 03:52 AM|LINK
May 15, 2012 07:11 AM|LINK
Hi, please use different cookie for session id between the two application