Solved

session.timeout

Posted on 2001-06-14
12
235 Views
Last Modified: 2010-05-18
in global.asa application_onStart i have
session.timeout=1
but it doesn't seem to execute the code i have in session_onend after one minute. what's wrong?
0
Comment
Question by:SSF
  • 3
  • 2
  • 2
  • +5
12 Comments
 
LVL 33

Expert Comment

by:hongjun
ID: 6193439
Try including the session.timeout = 1 in Session_OnStart instead.

hongjun
0
 
LVL 9

Expert Comment

by:TTom
ID: 6193586
If you are serious about timing out your session, you can also configure the timeout for your server (or your application) through Internet Service Manager.

Tom
0
 
LVL 2

Accepted Solution

by:
kmv earned 50 total points
ID: 6193610
Let's assume that your site is very popular and at least one person uses it per a time. In this case Application_OnStart executes one time and only for one user who was the first.
MSDN:
The Application_OnStart event occurs before the first new session is created, that is, before the Session_OnStart event. Only the Application and Server built-in objects are available. Referencing the Session, Request, or Response objects in the Application_OnStart event script causes an error.

As hongjun wrote you need to use Session_onStart. You also can use code session.timeout=1 on page which always executed for every user if you have such page on your site (e.g. login page).

But there is one more problem. MSDN again:
When you save changes to the Global.asa file, the server finishes processing all of the current application requests before it recompiles the Global.asa file. During that time, the server refuses additional requests and returns an error message stating that the request cannot be processed while the application is being restarted.

I.e. you need to restart WWW server service or wait enouph time until all sessions for your application will finish. Restart of service reset all current sessions on all web applications on your server.

Best regards.
0
 
LVL 7

Expert Comment

by:weesiong
ID: 6193833
SSF,

This is the Session_OnEnd bug. :p

Regards,
Wee Siong
0
 
LVL 20

Expert Comment

by:Silvers5
ID: 6194029
Exactly weesiong,

Session_OnEnd is unreliable. Do not create applications that rely on Session_OnEnd to occur, because it doesn't always happen. This is a known bug and seems to have been reduced (if not eliminated entirely) in IIS 5.0, which ships with Windows 2000. This bug is one of many reasons to not store recordsets, connections or other objects in session variables, mainly the session timout fires randomly or even never fires so the session on end firing event is directly related to this..
0
 

Expert Comment

by:guyms
ID: 6195135
SSF,

In the code for the OnEnd event procedure,you have access only to the Application, server, and session objects.
And most important, you have no access to the Response object or Request object if you have any of these objects in your OnEnd event that may be the problem.

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 10

Expert Comment

by:makerp
ID: 6195670
SUB Session_OnStart
session.timeout=480

put it in Session_OnStart
0
 

Author Comment

by:SSF
ID: 6195951
thanks all! i'm giving this one to kmv and Silvers5.

Silvers5,
i'll post another question for you to get the points.

0
 
LVL 2

Expert Comment

by:kmv
ID: 6196144
Thank you.

Best regards.
Michael.
0
 

Author Comment

by:SSF
ID: 6196503
makerp,
just out of curiosity, what does

session.timeout=480

do?
0
 
LVL 20

Expert Comment

by:Silvers5
ID: 6201192
480 minutes.. the session will time out in that amount, by default it's 20 minutes

rgrds
0
 

Author Comment

by:SSF
ID: 6203137
that doesn't seem very useful.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now