We help IT Professionals succeed at work.

Using sessionState in web config file

j-w-thomas
j-w-thomas asked
on
Medium Priority
307 Views
Last Modified: 2012-05-06
If I use this in the web config file, will it allow the FormsAuthentication to remain as an active session even if the AppDomain recycles?

<sesssionState
                 cookieless="UseCookies"
                 mode="StateServer"
                 stateConnectionString="tcpip=127.0.0.1:42424" ?>

My challenge is that I lose the FormsAuthentication info during a recycle (as you know) but I cannot adjust the server. I was hoping to set it through web config.

Thanks
Comment
Watch Question

Commented:
You can adjust it in the web.config.
If the app recycles, you will loose the active session
		<authentication mode="Forms">
			<forms name="Login" defaultUrl="Customers" loginUrl="~/Login.aspx" protection="All" timeout="40" path="/"/>
		</authentication>

Open in new window

Author

Commented:
Currently I am using this and it does ot amke any difference to the time out length at all. That is my confusion.

Further, when I copied this into the code, I realized that I had an extra bracket.
The app runs but that may explain why I was having trouble...doooohhhh

I will be back in a moment to see if that helps.
<authentication mode="Forms">
	<forms
		cookieless="UseCookies"
		timeout="45">
	</forms>
</authentication>

Open in new window

Author

Commented:
...in your first response you said that if the app recycles, I would lose the session including the FormsAuth?? True?

Commented:
Should be cookieless="true"

Commented:
Yes, you will loose your session variables when the appdomain recycles.

Author

Commented:
I believe my server is set very short for memory flushes, that is why I was wondering about sessionState. This as I understand and was hoping you could clarify allows for the recycle to happen but the session variables are held out-of-process within the app.

Also I want to force cookies because of the FormAuth, and not allow anyone to use URL for settings, so shouldn't it be:

cookieless="false"  ??
Commented:
Yes, if you want to use cookies then cookieless="false".
Do you have access to web server? This setting can be increased in IIS. The default is 20 mins.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Yes, I have full access to the server, buut admitedly I am not really familiar and don't want to do something that will create any, shall we say...issues...

Commented:
Yes, I understand what you mean. I have answered your question?

Author

Commented:
yes, thanks for your help
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.