473,289 Members | 2,040 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,289 software developers and data experts.

Cannot set timeout with asp.net 1.1 over than 20 minutes

Hallo to the group,

my question is this: where i have to set timeout in a web application?
If i set into sessionState with property Timeout="60", after 20
minutes the session is over. Always after 20 minutes, i cannot set a
timeout greater than 20 minutes.

Our configuration is the following:
- Server with Win2003, i.e. IIS 6.0
- Web application developed with vb.net simply composed by:
- login.aspx (only one button that make setAuthCookie)
- home.aspx: label showing the time of the last postback and a
button to make a postback.
- session_timeout.aspx: just to show that the session is over
- a class from which our pages are inherited; that class permit to
check when a new session is started and redirect to
session_timeout.aspx. The only method in our class is:
Protected Overrides Sub OnInit(ByVal e As EventArgs)
MyBase.OnInit(e)
If Session.IsNewSession Then
Dim cookie_header As String = Request.Headers("Cookie")
If Not cookie_header Is Nothing AndAlso
cookie_header.IndexOf("ASP.NET_SessionId") >= 0 Then
Response.Redirect("session_timeout.aspx")
End If
End If
end sub
- web.config with:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>
.....
<authorization>
<deny users="?" />
</authorization>
.....
<sessionState mode="InProc" cookieless="false" timeout="60" />

Setting home.aspx to be the start page, i get first the login.aspx
and, after a click on the "stupid login button", i get the home.aspx.
I try to click to the "postback" button after 20 minutes, and the
application show me the session_timeout.aspx

Please help me...
Thanks in advance

Apr 18 '07 #1
5 3749
check the idleTimeout setting. inproc sessions are lost when asp.net
recycles.

-- bruce (sqlwork.com)

Masso wrote:
Hallo to the group,

my question is this: where i have to set timeout in a web application?
If i set into sessionState with property Timeout="60", after 20
minutes the session is over. Always after 20 minutes, i cannot set a
timeout greater than 20 minutes.

Our configuration is the following:
- Server with Win2003, i.e. IIS 6.0
- Web application developed with vb.net simply composed by:
- login.aspx (only one button that make setAuthCookie)
- home.aspx: label showing the time of the last postback and a
button to make a postback.
- session_timeout.aspx: just to show that the session is over
- a class from which our pages are inherited; that class permit to
check when a new session is started and redirect to
session_timeout.aspx. The only method in our class is:
Protected Overrides Sub OnInit(ByVal e As EventArgs)
MyBase.OnInit(e)
If Session.IsNewSession Then
Dim cookie_header As String = Request.Headers("Cookie")
If Not cookie_header Is Nothing AndAlso
cookie_header.IndexOf("ASP.NET_SessionId") >= 0 Then
Response.Redirect("session_timeout.aspx")
End If
End If
end sub
- web.config with:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>
.....
<authorization>
<deny users="?" />
</authorization>
.....
<sessionState mode="InProc" cookieless="false" timeout="60" />

Setting home.aspx to be the start page, i get first the login.aspx
and, after a click on the "stupid login button", i get the home.aspx.
I try to click to the "postback" button after 20 minutes, and the
application show me the session_timeout.aspx

Please help me...
Thanks in advance
Apr 18 '07 #2
On 18 Apr, 17:18, bruce barker <nos...@nospam.comwrote:
check the idleTimeout setting. inproc sessions are lost when asp.net
recycles.
Thank you. Unfortunately idleTimeout is already set to infinite, which
is the default. Next guess? :)

Maurizio

Apr 23 '07 #3
re:
!I cannot set a timeout greater than 20 minutes.

Session timeout and forms authentication timeout are two different things.

A session will last for as long a period as you set in <sessionstate...>

A period of time for your app to remember your login parameters is different.
That's set in the forms timeout property.

ASP.NET membership doesn't need for a session to be active
in order to remember whether your membership parameters are active.

One of those parameters is the time for the app
to remember whether you're logged in or not.

You can choose to base your app on the length of the session,
or on the time needed for your login to expire.

If you're using forms authentication, modify the forms authentication timeout :

<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/"
requireSSL="false" slidingExpiration="true">


Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Masso" <ma************@gmail.comwrote in message
news:11*********************@e65g2000hsc.googlegro ups.com...
Hallo to the group,

my question is this: where i have to set timeout in a web application?
If i set into sessionState with property Timeout="60", after 20
minutes the session is over. Always after 20 minutes, i cannot set a
timeout greater than 20 minutes.

Our configuration is the following:
- Server with Win2003, i.e. IIS 6.0
- Web application developed with vb.net simply composed by:
- login.aspx (only one button that make setAuthCookie)
- home.aspx: label showing the time of the last postback and a
button to make a postback.
- session_timeout.aspx: just to show that the session is over
- a class from which our pages are inherited; that class permit to
check when a new session is started and redirect to
session_timeout.aspx. The only method in our class is:
Protected Overrides Sub OnInit(ByVal e As EventArgs)
MyBase.OnInit(e)
If Session.IsNewSession Then
Dim cookie_header As String = Request.Headers("Cookie")
If Not cookie_header Is Nothing AndAlso
cookie_header.IndexOf("ASP.NET_SessionId") >= 0 Then
Response.Redirect("session_timeout.aspx")
End If
End If
end sub
- web.config with:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>
.....
<authorization>
<deny users="?" />
</authorization>
.....
<sessionState mode="InProc" cookieless="false" timeout="60" />

Setting home.aspx to be the start page, i get first the login.aspx
and, after a click on the "stupid login button", i get the home.aspx.
I try to click to the "postback" button after 20 minutes, and the
application show me the session_timeout.aspx

Please help me...
Thanks in advance


Apr 23 '07 #4
Adding to this reply:

You're using :
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>

You should add slidingExpiration="true" :

<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="30" slidingExpiration="true"/>
</authentication>

btw, are you sure you want to set the expiration to 8 *hours* ?

There's lots of background info on forms authentication parameters at :

http://support.microsoft.com/kb/910443

....and here's a link which shows you how to troubleshoot forms authentication:

http://support.microsoft.com/kb/910439/

Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Juan T. Llibre" <no***********@nowhere.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
re:
!I cannot set a timeout greater than 20 minutes.

Session timeout and forms authentication timeout are two different things.

A session will last for as long a period as you set in <sessionstate...>

A period of time for your app to remember your login parameters is different.
That's set in the forms timeout property.

ASP.NET membership doesn't need for a session to be active
in order to remember whether your membership parameters are active.

One of those parameters is the time for the app
to remember whether you're logged in or not.

You can choose to base your app on the length of the session,
or on the time needed for your login to expire.

If you're using forms authentication, modify the forms authentication timeout :

<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/"
requireSSL="false" slidingExpiration="true">


Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Masso" <ma************@gmail.comwrote in message
news:11*********************@e65g2000hsc.googlegro ups.com...
>Hallo to the group,

my question is this: where i have to set timeout in a web application?
If i set into sessionState with property Timeout="60", after 20
minutes the session is over. Always after 20 minutes, i cannot set a
timeout greater than 20 minutes.

Our configuration is the following:
- Server with Win2003, i.e. IIS 6.0
- Web application developed with vb.net simply composed by:
- login.aspx (only one button that make setAuthCookie)
- home.aspx: label showing the time of the last postback and a
button to make a postback.
- session_timeout.aspx: just to show that the session is over
- a class from which our pages are inherited; that class permit to
check when a new session is started and redirect to
session_timeout.aspx. The only method in our class is:
Protected Overrides Sub OnInit(ByVal e As EventArgs)
MyBase.OnInit(e)
If Session.IsNewSession Then
Dim cookie_header As String = Request.Headers("Cookie")
If Not cookie_header Is Nothing AndAlso
cookie_header.IndexOf("ASP.NET_SessionId") >= 0 Then
Response.Redirect("session_timeout.aspx")
End If
End If
end sub
- web.config with:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>
.....
<authorization>
<deny users="?" />
</authorization>
.....
<sessionState mode="InProc" cookieless="false" timeout="60" />

Setting home.aspx to be the start page, i get first the login.aspx
and, after a click on the "stupid login button", i get the home.aspx.
I try to click to the "postback" button after 20 minutes, and the
application show me the session_timeout.aspx

Please help me...
Thanks in advance



Apr 23 '07 #5
We discovered that using situation: by using

System.Web.Security.FormsAuthentication.SetAuthCoo kie("testuser",
False)
the system create an AuthCookie with 20 minutes for timeout.

Using the following:
Dim userData As String = "ApplicationSpecific data for this
user."
Dim ticket As New FormsAuthenticationTicket(email,
isPersistent, 70)
' Encrypt the ticket.
Dim encTicket As String =
FormsAuthentication.Encrypt(ticket)
' Create the cookie.
Response.Cookies.Add(New
HttpCookie(FormsAuthentication.FormsCookieName, encTicket))
we are able to set the timeout. It works great!!!
Deploying the application on another server and testing with http://localhost/...
we have timeout again when postback after 20 minutes.
The difference between the develop and the test environement are the
following:
- Develop: WinXp pro SP2 Test: Win2003 Server
- Develop: IIS 5.1 Test: IIS 6.0
- Both framework: 1.1.4322

Any other ideas?

On 23 Apr, 15:19, "Juan T. Llibre" <nomailrepl...@nowhere.comwrote:
Adding to this reply:

You're using :
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>

You should add slidingExpiration="true" :

<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="30" slidingExpiration="true"/>
</authentication>

btw, are you sure you want to set the expiration to 8 *hours* ?

There's lots of background info on forms authentication parameters at :

http://support.microsoft.com/kb/910443

...and here's a link which shows you how to troubleshoot forms authentication:

http://support.microsoft.com/kb/910439/

Juan T. Llibre, asp.net MVP
asp.net faq :http://asp.net.do/faq/
foros de asp.net, en español :http://asp.net.do/foros/
===================================
"Juan T. Llibre" <nomailrepl...@nowhere.comwrote in messagenews:%2****************@TK2MSFTNGP06.phx.gb l...
re:
!I cannot set a timeout greater than 20 minutes.
Session timeout and forms authentication timeout are two different things.
A session will last for as long a period as you set in <sessionstate...>
A period of time for your app to remember your login parameters is different.
That's set in the forms timeout property.
ASP.NET membership doesn't need for a session to be active
in order to remember whether your membership parameters are active.
One of those parameters is the time for the app
to remember whether you're logged in or not.
You can choose to base your app on the length of the session,
or on the time needed for your login to expire.
If you're using forms authentication, modify the forms authentication timeout :
<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/"
requireSSL="false" slidingExpiration="true">
Juan T. Llibre, asp.net MVP
asp.net faq :http://asp.net.do/faq/
foros de asp.net, en español :http://asp.net.do/foros/
===================================
"Masso" <massimo.pol...@gmail.comwrote in message
news:11*********************@e65g2000hsc.googlegro ups.com...
Hallo to the group,
my question is this: where i have to set timeout in a web application?
If i set into sessionState with property Timeout="60", after 20
minutes the session is over. Always after 20 minutes, i cannot set a
timeout greater than 20 minutes.
Our configuration is the following:
- Server with Win2003, i.e. IIS 6.0
- Web application developed with vb.net simply composed by:
- login.aspx (only one button that make setAuthCookie)
- home.aspx: label showing the time of the last postback and a
button to make a postback.
- session_timeout.aspx: just to show that the session is over
- a class from which our pages are inherited; that class permit to
check when a new session is started and redirect to
session_timeout.aspx. The only method in our class is:
Protected Overrides Sub OnInit(ByVal e As EventArgs)
MyBase.OnInit(e)
If Session.IsNewSession Then
Dim cookie_header As String = Request.Headers("Cookie")
If Not cookie_header Is Nothing AndAlso
cookie_header.IndexOf("ASP.NET_SessionId") >= 0 Then
Response.Redirect("session_timeout.aspx")
End If
End If
end sub
- web.config with:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".TESTCOOKIE" timeout="480"/>
</authentication>
.....
<authorization>
<deny users="?" />
</authorization>
.....
<sessionState mode="InProc" cookieless="false" timeout="60" />
Setting home.aspx to be the start page, i get first the login.aspx
and, after a click on the "stupid login button", i get the home.aspx.
I try to click to the "postback" button after 20 minutes, and the
application show me the session_timeout.aspx
Please help me...
Thanks in advance

May 4 '07 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

9
by: E Sullivan | last post by:
I am having a time out issue when multiple users are accessing the server. This time out does not happen all of the time. My understanding is that the time out value is actually set in two places....
24
by: jrefactors | last post by:
I have an upload file operation in the web application. UploadForm.jsp is the form, and UploadAction.jsp is the form processing. The web server is Websphere. //UploadForm.jsp <FORM...
8
by: baustin75 | last post by:
Posted: Mon Oct 03, 2005 1:41 pm Post subject: cannot mail() in ie only when debugging in php designer 2005 -------------------------------------------------------------------------------- ...
4
by: Siang Hwee | last post by:
Hi. I am facing some problem in Asp.net. I am developing a payroll application currently. This is a web-based application. User need to click on "Process" button in order to process the payroll...
17
by: jensen bredal | last post by:
Hello, i'm struggling with a somehow badly understood session scenario. I provide acces to my pages based on form authentication using Session cookies. Som of my pages are supposed to be...
4
by: UJ | last post by:
I have a page where the user can upload a video file. As you can guess, this may take a while. Is there a way I can change the session timeout for just this one page? I would also want to change...
25
by: =?Utf-8?B?RGF2aWQgVGhpZWxlbg==?= | last post by:
I tried: <sessionState timeout="1"> </sessionState> bounced IIS, and after 1 minute still had a session. ??? -- thanks - dave
10
by: Atul Shukla | last post by:
Hi, How can I avoid application timeout? Generally a web application time out is 20 minutes, however, we can define this timeout in web.config to any number of minutes. After giving 500 minutes of...
0
by: sbhandary | last post by:
Hi, I have an ASP.net page that takes over an hour and sometimes more to execute. After the page has been running for 60 minutes, I get a Page Cannot Be Displayed error. I have set the session...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: marcoviolo | last post by:
Dear all, I would like to implement on my worksheet an vlookup dynamic , that consider a change of pivot excel via win32com, from an external excel (without open it) and save the new file into a...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.