Best IT Recipes

Session state loss

I have an ASP.net application in which users cannot successfully perform certain actions, for the reasons that I suppose, they can only be associated with the loss of their session (where I maintain current user information and how to determine if they are logged in)

I do not understand why they will lose the session, so my first question is:

What (in general) will cause the user to lose their session in ASP.net?

and since I don’t know when the user loses the session and cannot play it himself:

How can I track when a user is losing a session

Below is my sessionState configuration for reference

<sessionState mode="InProc" cookieless="false" cookieName="My.Site.Com" timeout="480"/>
+54
iis session
Aug 18 '10 at 19:36
source share
8 answers

A few things can lead to mysterious disappearances of the session state.

  • Your sessionState timeout has expired
  • Are you updating your web.config or another type of file that causes your AppDomain to recycle
  • Your AppPool in IIS Recycle
  • You are updating your site with a large number of files, and ASP.NET is actively destroying your AppDomain to recompile and save memory.

-

If you are using IIS 7 or 7.5, here are a few things to look for:

  • By default, IIS forces AppPools to shut down after a period of inactivity.
  • By default, IIS forces AppPools to recycle every 1740 minutes (obviously, depending on your root configuration, but by default)
  • In IIS, check out the "Advanced Settings" of your AppPool. It has the "Idle Time-out" property. Set this value to zero or a greater number than the default value (20).
  • In IIS, check the "Disposal" settings of your AppPool. Here you can enable or disable your AppPool from recycling. The second page of the wizard is a way to enter the event log of each type of AppPool.

If you use IIS 6, the same settings apply (for the most part, but with different ways to get them), but getting them to register the process is more painful. Here is a link to a way to force IIS 6 to log AppPool reuse events:

http://web.archive.org/web/20100803114054/http://surrealization.com/sample-code/getnotifiedwhenapppoolrecycles/

-

If you are updating files in your web application, you should expect the entire session to be lost. This is just the nature of the beast. However, you cannot expect this to happen several times. If you update 15 or more files (aspx, dll, etc.), there is a possibility that you will have several reboots within a certain period of time, as these pages will be recompiled by users accessing the site. See these two links:

http://support.microsoft.com/kb/319947

http://msdn.microsoft.com/en-us/library/system.web.configuration.compilationsection.numrecompilesbeforeapprestart.aspx

Setting numCompilesBeforeAppRestart to a larger number (or manually disabling your AppPool) will fix this problem.

-

You can always contact Application_SessionStart and Application_SessionEnd to receive notifications when a session is created or completed. The HttpSessionState class also has the IsNewSession property, which you can check on any page request to determine if a new session has been created for the active user.

-

Finally, if this is possible in your circumstances, I have successfully used SQL Server session mode . This is not recommended if you store a large amount of data in it (each query loads and stores the full amount of data from SQL Server), and it can be painful if you put custom objects in it (since they should be serializable), but it helped me in a shared hosting scenario where I could not configure my AppPool so as not to process a couple of hours. In my case, I saved limited information and did not have an adverse effect. Add to this the fact that an existing user will reuse their default SessionID, and my users have never noticed that their in-memory session was disconnected using the AppPool utility because all their state was saved in SQL Server.

+103
Aug 18 '10 at 19:46
source share

I had a situation in ASP.NET 4.0 where my session will be reset for every page request (and my SESSION_START code will be triggered with every page request). This did not happen with each user for each session, but usually it happened, and when it happened, it happened with every page request.

My web.config sessionState tag had the same parameter as the one mentioned above.

 cookieless="false"

When I changed it to the following ...

 cookieless="UseCookies"

... the problem seems to have disappeared. Apparently true | false were old choices from ASP.NET 1. Starting with ASP.Net 2.0, the options listed became available. I assume these options are out of date. False has never been a problem in the past - I noticed only on ASP.NET 4.0. I don't know if something has changed in 4.0 that no longer supports it correctly.

In addition, I recently found out about this. Since the problem was intermittent before, I suppose I can still run into it, but so far it works with this new setting.

+2
May 16 '14 at 19:52
source share

In my case, the settings AppPool-> AdvancedSettings-> Maximum working successes of 1 helped.

+2
May 17 '17 at 12:07
source share

Your session is lost ....

I found a scenario in which the session is lost. On the asp.net page, there are invalid characters for the quantity text box field, followed by a search using a session variable for other purposes. After publishing invalid number parsing via Convert. ToInt32 or double throws an exception for the first chance, but the error does not appear on this line. Instead, Session, which is null due to an unhandled exception, shows an error while retrieving the session, thereby spoofing debugging ...

TIP: check your system for failure. DESTRUCTIVE .. enter enough garbage in unrelated scripts for ex: after showing the search results, enter the garbage in the search criteria and the details of obtaining the search results ..., you can play this machine on your local code base too ... :)

Hope this helps, gitchie

+1
Mar 11 '14 at 13:54 on
source share

You can add some entries to Global.asax in Session_Start and Application_Start to keep track of what is happening with the user session and the application as a whole.

Also, make sure that you work in web farm mode (multiple IIS threads defined in the application pool) or load balancing, as the user can get to another server that does not have the same memory. If so, you can switch session mode to SQL Server.

0
Aug 18 '10 at 19:40
source share

I lost a session that was neither a string nor an integer, but a datarow. Putting data in a serializable object and saving this in a session worked for me.

0
Aug 11 '16 at 9:57 on
source share

There was a problem with IIS 8 when loading content through Ajax. The problem was that MaximumWorkerProcesses was set to 2 , and Javascript opened 17 simultaneous requests. This was more than AppPool could handle, and a new pool was opened (without auth-data).

The solution was to change MaximumWorkerProcesses to 0 in IIS -> Server -> Application Pools -> [myPool] -> Advanced Settings -> Process Model -> MaximumWorkerProcesses .

0
Dec 19 '17 at 14:48
source share

I don’t know if this is related to your problem or not, but Windows 2008 Server R2 or SP2 changed their IIS settings, which leads to a problem in saving the session. By default, it manages a separate session variable for HTTP and HTTPS. When variables are set to HTTPS, they will only be available on HTTPS pages when switching.

To solve the problem, there is an IIS configuration. In IIS Manager, open ASP properties, expand Session Properties, and change the New identifier for a secure connection to False .

0
May 15 '19 at 17:07
source share


More articles:


All Articles