473,394 Members | 1,766 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > session expires after logged in

Join Bytes to post your question to a community of 473,394 software developers and data experts.

session expires after logged in

as i developed a website using asp.net 2 vs2005 with database sqlserver and my website was running fine few days back but now i am getting a problem. i.e
user is logged in and browsed a page which page is only logged in users can browse and when he runs server side script on that page immediately session expires and user redirected to login page. what causing page to redirect to login page. can anybody explain it and solve my problem.

thanking you in advance.
Sep 18 '07 #1
16 2349
Plater
7,872 Expert 4TB
Is your SQL server handling the session state?
I'm not sure how that sort of thing is handled.

These are for regular session state handling but may still apply:
Are you callin Session.Abandon() anywhere?
Has the session timeout happened?
Does the user have restricted cookie/security issues (like possibly just did a windows update and new security things were enacted)?

Are any errors occuring in your program?
If you do a build(and a publish if it's remotely hosted) your sessions will expire.
Sep 18 '07 #2
thanks dear plater. i am not that expert so i have no idea about whether sql server handling session timeout or not. and s iam calling session.abondon() in a link button labled 'sign out' on the same page.
and if user updated and new security restrictions applying then this problem i checked on two different pcs. and mean my page is online and i checked from two different areas. but the same problem
Sep 18 '07 #3
Plater
7,872 Expert 4TB
Well I would double-check the IIS settings to make sure:
Your "Session state mode" is set to "InProc"
Your "Cookieless mode" is set to "UseCookies"
and your "Session timeout" is set to asuffeciently long enough time "20"(minutes)

Then check to make sure no errors are being thrown that would be causeing your session to expire.
Sep 18 '07 #4
i check all settings are fine and the same coding few days back was working fine but now it is giving this problem. in web.config file i am using windows authentication mode. and just loggin check up using database and session variables. below see web.config file (plz reply if any changes required)
Expand|Select|Wrap|Line Numbers
  1. <?xml version="1.0"?>
  2. <!-- 
  3.     Note: As an alternative to hand editing this file you can use the 
  4.     web admin tool to configure settings for your application. Use
  5.     the Website->Asp.Net Configuration option in Visual Studio.
  6.     A full list of settings and comments can be found in 
  7.     machine.config.comments usually located in 
  8.     \Windows\Microsoft.Net\Framework\v2.x\Config 
  9. -->
  10. <configuration>
  11.   <appSettings>
  12.     <add key="CMSConnectionString"
  13.       value="server=(localhost);UID=sa;PWD=111;DATABASE=netdb;" />
  14.   </appSettings>
  15.     <connectionStrings/>
  16.     <system.web>
  17.         <!-- 
  18.             Set compilation debug="true" to insert debugging 
  19.             symbols into the compiled page. Because this 
  20.             affects performance, set this value to true only 
  21.             during development.
  22.  
  23.             Visual Basic options:
  24.             Set strict="true" to disallow all data type conversions 
  25.             where data loss can occur. 
  26.             Set explicit="true" to force declaration of all variables.
  27.         -->
  28.         <compilation debug="true" strict="false" explicit="true" />
  29.         <pages>
  30.             <namespaces>
  31.                 <clear/>
  32.                 <add namespace="System"/>
  33.                 <add namespace="System.Collections"/>
  34.                 <add namespace="System.Collections.Specialized"/>
  35.                 <add namespace="System.Configuration"/>
  36.                 <add namespace="System.Text"/>
  37.                 <add namespace="System.Text.RegularExpressions"/>
  38.                 <add namespace="System.Web"/>
  39.                 <add namespace="System.Web.Caching"/>
  40.                 <add namespace="System.Web.SessionState"/>
  41.                 <add namespace="System.Web.Security"/>
  42.                 <add namespace="System.Web.Profile"/>
  43.                 <add namespace="System.Web.UI"/>
  44.                 <add namespace="System.Web.UI.WebControls"/>
  45.                 <add namespace="System.Web.UI.WebControls.WebParts"/>
  46.                 <add namespace="System.Web.UI.HtmlControls"/>
  47.             </namespaces>
  48.         </pages>
  49.         <!--
  50.             The <authentication> section enables configuration 
  51.             of the security authentication mode used by 
  52.             ASP.NET to identify an incoming user. 
  53.         -->
  54.  
  55.         <authentication mode="Windows"/>
  56.         <!--    The <customErrors> section enables configuration 
  57.             of what to do if/when an unhandled error occurs 
  58.             during the execution of a request. Specifically, 
  59.             it enables developers to configure html error pages 
  60.             to be displayed in place of a error stack trace.
  61.  -->
  62.         <customErrors mode="off" />
  63.            <globalization fileEncoding="windows-1256" requestEncoding="utf-8" responseEncoding="utf-8" culture="en-US"/>    
  64.     </system.web>
  65. </configuration>
plz if any changes required in web.config file reply
thanx a lot for your replies
Sep 20 '07 #5
Plater
7,872 Expert 4TB
With custom errors set to off, is it possible an error is occuring that you cannot see?
Sep 20 '07 #6
dear peter
plz help me out same session expiring very shortly after logging in and i am and my expert friends suggested that may be unhandled exception is causing this session expiry. can you plz tell me how to get rid of unhandled exception or how to know where unhandled exception is raising.

thanx in advance
Oct 9 '07 #7
Plater
7,872 Expert 4TB
Change the setting that hides errors from users to off (so that errors will show up in page)
Use the page until you find an error.
OR run the project in debug mode and see if Visual Studio catches any errors.
Oct 9 '07 #8
Visual Studio does not catch any error it perfectly shows build succeeded and that dll iam uploading on server. and i changed web.config file and i did <customErrors mode="On" /> but still no error raising and supposing i have a page to add new poll after logged in i am accessing this page and after filling the form when i click on save button it is going to login page. without saving the data. each logged in user page is i am able to accessing first time after log in when i use it or press any button it is redirecting to login page.
Oct 9 '07 #9
Plater
7,872 Expert 4TB
I am NOT talking about a build succeeding(although at least that part is working), I am talking running in debug mode.
Oct 9 '07 #10
s dear i ran in debug mode also build succeeded and for your information my web application is running fine on my pc. no session expire problem nothing iam able to login and until sign out my page is working fine. no problem working on my pc.but problem is online. after i uploaded my application on web server online this problem i am facing offline on pc i have no prob. with my web application
Oct 9 '07 #11
Plater
7,872 Expert 4TB
Does your browser block the cookies sent by your online server?
The session number is kept as a cookie on the client side and is required for it to work correctly.
Oct 9 '07 #12
below is my code when in page_load i check session variables and allow page to be browsable plz check the code & let me know is it correct or not.

//************************************************** ******************
Expand|Select|Wrap|Line Numbers
  1.  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
  2.         If Not Session("USERID") > 0 Then
  3.             Response.Redirect("UserLogin.aspx")
  4.         Else
  5.             If Not Session("ROLE") = "Administrator" Then
  6.                 Response.Redirect("usercp.aspx")
  7.             End If
  8.         End If
  9.         If Not IsPostBack Then
  10.             FillCategories()
  11.         End If
//************************************************** ******************
above code when i do some save button click or some action after loged in page expires and goes to UserLogin.aspx page

what is wrong in this code can u tell me plz
Oct 31 '07 #13
Plater
7,872 Expert 4TB
I would guess that the trouble is on the client-browser side.
Check to make sure your client-browser is set to allow cookies and session cookies
Oct 31 '07 #14
Frinavale
9,735 Expert Mod 8TB
below is my code when in page_load i check session variables and allow page to be browsable plz check the code & let me know is it correct or not.

//************************************************** ******************
Expand|Select|Wrap|Line Numbers
  1.  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
  2.         If Not Session("USERID") > 0 Then
  3.             Response.Redirect("UserLogin.aspx")
  4.         Else
  5.             If Not Session("ROLE") = "Administrator" Then
  6.                 Response.Redirect("usercp.aspx")
  7.             End If
  8.         End If
  9.         If Not IsPostBack Then
  10.             FillCategories()
  11.         End If
//************************************************** ******************
above code when i do some save button click or some action after loged in page expires and goes to UserLogin.aspx page

what is wrong in this code can u tell me plz

Try changing your
Expand|Select|Wrap|Line Numbers
  1.   If Not Session("USERID") > 0 Then
to be
Expand|Select|Wrap|Line Numbers
  1.   If Not Session("USERID") Is Nothing Then

Also change
Expand|Select|Wrap|Line Numbers
  1. Session("ROLE") = "Administrator"
to be
Expand|Select|Wrap|Line Numbers
  1. String.Compare(Session("ROLE"), "Administrator")=0
  2.  
Oct 31 '07 #15
Expand|Select|Wrap|Line Numbers
  1. If Not IsPostBack Then
  2.  
  3. If Not Session("USERID") Is Nothing Then
  4.             If String.Compare(Session("ROLE"), "Retailer") = 0 Then
  5.                 strUSERID = Session("USERID")
  6.             Else
  7.                 Response.Redirect("usercp.aspx")
  8.             End If
  9.         Else
  10.             Response.Redirect("UserLogin.aspx")
  11.         End If
  12.       FillBrands()
  13. End If
  14.  
the above code works fine page is not expiring until sign out but server side action on page like loading data on dropdownlist not working.

as i am loading brands in one dropdownlist and when we choose any brand from the list it will load product names in another dropdownlist which is not happening if i use above code. but the problem of session expire is not happening with this code. just clarify me that which method is true code to check the login and role should be kept inside if not ispostback then .... end if or outside.
Nov 1 '07 #16
Frinavale
9,735 Expert Mod 8TB
Expand|Select|Wrap|Line Numbers
  1. If Not IsPostBack Then
  2.  
  3. If Not Session("USERID") Is Nothing Then
  4.             If String.Compare(Session("ROLE"), "Retailer") = 0 Then
  5.                 strUSERID = Session("USERID")
  6.             Else
  7.                 Response.Redirect("usercp.aspx")
  8.             End If
  9.         Else
  10.             Response.Redirect("UserLogin.aspx")
  11.         End If
  12.       FillBrands()
  13. End If
  14.  
the above code works fine page is not expiring until sign out but server side action on page like loading data on dropdownlist not working.

as i am loading brands in one dropdownlist and when we choose any brand from the list it will load product names in another dropdownlist which is not happening if i use above code. but the problem of session expire is not happening with this code. just clarify me that which method is true code to check the login and role should be kept inside if not ispostback then .... end if or outside.
I would check that the user is logged in and within the roles Every page request. This means that I would not put it within the if not IsPostBack.

As for your second DropDownList not filling....please post the method that handles your first DropDownList post back event so that we can have a better look at what's going on.

Also, in the future, could you please post your code within [code] tags.
For example, if I were to post VB.NET code I would type the following:
[code=vbnet]
'My VB.NET Code Pasted Here
[/code]


Thanks

-Frinny
Nov 1 '07 #17

Sign in to post your reply or Sign up for a free account.

Similar topics

27
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate...
PHP
3
destroying session??
by: john | last post by:
Hi I am having a simple login & logout script which are as follow: login.php <?php session_start(); $_SESSION=$_POST; ?> logout.php
PHP
3
Logging in Session Variables Issue
by: JP SIngh | last post by:
Hi All We have an ASP application which tracks holidays for our employees. When the user logs in we store thier username in a session variable and use that variable when displaying and adding...
ASP / Active Server Pages
6
Expired Session Variables
by: Keith | last post by:
Is there any way of detecting whether a session variable does not exist because it expired or because it simply did not exist in the first place? Thanks
ASP / Active Server Pages
2
asp.net session expiration
by: FreeTheCode | last post by:
it seems that a session in asp.net sometimes expires before its time is supposed to expire? so for example i developed a client side that relies on a if Session("Var") > 0 then else end if ...
.NET Framework
5
Track a session user
by: tshad | last post by:
If I am using FormsAuthentication, is there a way to check who is logged in? I want to be able to check at any particular time, not just how many people are logged in, but who they are. One...
ASP.NET
1
Session time out
by: mansoorsheraz | last post by:
Hi i am, developing a new project for a calling card company. I am, having problems in the session time out. I want to redirect a user to the login page when the session time out expires. All of the...
PHP
2
Session fixation idea
by: Gordon Burditt | last post by:
I had this idea about preventing session fixation, and I'm wondering what anyone else thinks about it. The idea is, essentially, don't allow session ids that YOUR PHP didn't generate (and aren't...
PHP
7
confusion over is_expired and is_empty in CGI:Session
by: poolboi | last post by:
hey guys, i'm not sure if u guys have place this problem before i did an expiration of my CGI session for 1 min and i got the code below to detect if($session->is_expired) { print...
Perl
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!