demerg
asked on
ASP.Net 3.5 Declared Session Variables Time-out after 20 Minutes
Hi
I have an ASP.net 3.5 visual basic web application that uses form authentication.
In the web.config file the following is scripted…
<authentication mode="Forms">
<forms loginUrl="login.aspx"
defaultUrl="~/SectionEdito rs/Default .aspx"
timeout ="60" slidingExpiration ="true" />
</authentication>
I query an SQL database and declare several session variables when the user logs on in the code behind of the Login page. This is the code declaring the session variables from data queried from the SQL Server connection…
Dim customReader As SqlDataReader = LoginSelCommand.ExecuteRea der()
If customReader.Read() Then
Session("UserID") = (customReader("IDNum"))
Session("UserFName") = (customReader("FName"))
Session("UserLName") = (customReader("LName"))
Session("UserEmail") = (customReader("email"))
End If
If Not customReader.HasRows Then
Me.InvalidCredentialsMessa ge.Visible = True
Else
FormsAuthentication.Redire ctFromLogi nPage(Sess ion("UserF Name"), False)
End If
Here is the PROBLEM…
As you can see, I have the Session set to timeout at 60 minutes which works fine, however, the declared session variable always timeout at exactly 20 minutes. These declared session variables are critical to the Web app as they are used as criteria in gridviews and email communication.
When a user returns to the default login page, there are several lists in their queue that show that they have no further funtions to complete after 20 minutes has elapsed while the forms authentication is not timing out for another 40 minutes, so they are still active but being presented the wrong data.
Why would the formsAuthentic authentication mode timeout for the session work OK (60 min) and the Session variables I declare disappear after 20 minutes which if I am not mistaken is the derfault timeout clock value?
Am I missing a step in my session setup?
Very frustrated, Please Help!
I have an ASP.net 3.5 visual basic web application that uses form authentication.
In the web.config file the following is scripted…
<authentication mode="Forms">
<forms loginUrl="login.aspx"
defaultUrl="~/SectionEdito
timeout ="60" slidingExpiration ="true" />
</authentication>
I query an SQL database and declare several session variables when the user logs on in the code behind of the Login page. This is the code declaring the session variables from data queried from the SQL Server connection…
Dim customReader As SqlDataReader = LoginSelCommand.ExecuteRea
If customReader.Read() Then
Session("UserID") = (customReader("IDNum"))
Session("UserFName") = (customReader("FName"))
Session("UserLName") = (customReader("LName"))
Session("UserEmail") = (customReader("email"))
End If
If Not customReader.HasRows Then
Me.InvalidCredentialsMessa
Else
FormsAuthentication.Redire
End If
Here is the PROBLEM…
As you can see, I have the Session set to timeout at 60 minutes which works fine, however, the declared session variable always timeout at exactly 20 minutes. These declared session variables are critical to the Web app as they are used as criteria in gridviews and email communication.
When a user returns to the default login page, there are several lists in their queue that show that they have no further funtions to complete after 20 minutes has elapsed while the forms authentication is not timing out for another 40 minutes, so they are still active but being presented the wrong data.
Why would the formsAuthentic authentication mode timeout for the session work OK (60 min) and the Session variables I declare disappear after 20 minutes which if I am not mistaken is the derfault timeout clock value?
Am I missing a step in my session setup?
Very frustrated, Please Help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Very Much!
ASKER