Session variable loose values - is it IE settings?

moonrise
moonrise used Ask the Experts™
on
I wrote an web application using ASP - during the login process some values are retrieved from the database and stored in session variables. In some cases users of this application report a problem that tells me that the session variables have been set to null values. I know this is not because of a timeout because timeout is set to 45 min.

The last user who had that problem was told to reset the IE settings to Default (Advanced settings) and it fixed the problem. The following settings were changed as a result of resetting to default - this was not enough for me to recreate the problem:

Any idea what settings might have such an impact?

> "Enable Install On Demand (Internet Explorer)" - Originally unchecked,
> checked when set to defaults.
>
> "Just display the results in the main window" - Originally checked,
> unchecked when set to defaults.
>
> "Just go to the most likely site" - Originally unchecked, checked when
> set to defaults.
>
> "Warn if changing between secure and not secure mode" - Originally
> unchecked, checked when set to defaults.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
have you updated the gloabal.asa?
when you do this, the application gets restarted...

it has been reported, that also some virus scanner trigger the restart of the application when they scan global.asa
to prevent this from happening again you need to remove the gloabal.asa from the scan list of the virus scanner...

ASPGuru
Commented:
Does the URL of your server have an underscore ("_") in it?

SYMPTOMS
After you install security patch MS01-055 for Microsoft Internet Explorer 5.5 or 6.0, you may encounter the following problems:
Session variables are lost.
Session state is not maintained between requests.
Cookies are not set on the client system.
NOTE: These problems can also occur after you install a more recent patch that includes the fix that is provided in security patch MS01-055.

CAUSE
Security patch MS01-055 prevents servers with improper name syntax from setting cookies names. Domains that use cookies must use only alphanumeric characters ("-" or ".") in the domain name and the server name. Internet Explorer blocks cookies from a server if the server name contains other characters, such as an underscore character ("_").

Because ASP session state and session variables rely on cookies to function, ASP cannot maintain session state between requests if cookies cannot be set on the client.

RESOLUTION
To work around this problem, use one of the following methods:
Rename the domain name and the server name, and use only alphanumeric characters.
Browse to the server by using the Internet Protocol (IP) address rather than the domain/server name.
NOTE: You may need to change the Microsoft Internet Information Server (IIS) configuration after you rename a server. For more information, refer to the "References" section.

REF:

Active Server Pages (ASP): Session.SessionID
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20560434.html

Microsoft: Active Server Pages (ASP) - Session ID Increments on each page
http://www.tek-tips.com/gviewthread.cfm/lev2/4/lev3/31/pid/333/qid/465089
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Commented:
These may also help you:

Active Server Pages (ASP): ASP Session Problem IIS5.1 XP Pro
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20433449.html

Active Server Pages (ASP): Session identifier
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20033473.html

Active Server Pages (ASP): SQL Statement after ors.addneww
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_10600942.html

Active Server Pages (ASP): Handling Session Timeout
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20488142.html

Active Server Pages (ASP): How can I get a users SID?
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20442179.html

Active Server Pages (ASP): How to get a value for a session ID?
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_20135786.html

ASP Conventions
http://msdn.microsoft.com/library/en-us/dnasp/html/aspconv.asp

Regards,
Wakie.

Author

Commented:
The underscore issue is a strong possibility - we will remove them and see - thank you very much - I will let you know in a couple days...

Author

Commented:
Removing the underscores from the file names seems to have eliminated the problem.

Thank you

Commented:
Pleasure to help, moonrise :)

Regards,
Wakie.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial