We created a website running under .NET. This site is always accessed directly from the computer that is serving it. The site is comprised of .NET pages with c# code behind files running under IIS.
Our website runs on Windows 2000 (IIS 5.0) and .NET 1.1 without issues. We recently transitioned to Windows 2003 (IIS 6.0) and .Net 3.5 SP1. Now we have an interesting issue. Before users can use the system they must enter a username and password on our custom login page and press the submit button. This works fine most of the time.
The problem is that if the website has been idle for an extended period of time, say 2 hours, then the login is not processed. The user enteres their info, presses submit, but nothing happens, the page just flickers. We have attached a Visual Studio 2005 debugger to the www publishing service. When the user hits submit, the page does go through page_load, and then through page_unload, but it never triggers the button clicked event. It basicly just reloads the page and ignores our button press.
After this occures, if the user enters their info again, presses submit, the button click event correctly fires and the gets logged in. It will work as expected from that point forward until a long period of inactivity has occured.
The problem occures on other pages as well beyond just our login page. For example, we have a page with 10 buttons that each perform an action. If the wepage has been idle too long (more than 20 minutes) then the session expires as expected. What should happen is that when the user presses one of those buttons, the code behind sees that the session is invalid, and redirects the user to the login page. What actually happens after a long period of inactivity (say 2 hours) is that user presses the button and the page simply reloads, never calling the button click handler, hence the user is never sent to the login page.
If they press the button again after that, the user is correctly sent to the login page meaning the button click event did indeed fire that time.
This situation also occurs if the login page is left open in the web browser (IE), and the www publishing service is restarted. The first time you try to log in the page just flickers rather than firing the button click event. After that everything works fine until you leave it idle too long.
Initially I thought this had to do with the IIS Application Pool setting, "Shutdown worker process after being idle for" 20 minutes. I tried changing it from 20 minutes to 2 days and the issue remains.
Any ideas on what to try next?