PDA

Click to See Complete Forum and Search --> : Session Questions

kwilliams
06-19-2006, 12:41 PM
I have 2 questions:
1) I've read that the ASP.NET SessionID is 120-bit, and I know that our old ASP SessionID's were about 24 characters long. So can the new ASP.NET SessionID's be up to 120 characters long?

2) I'm still having a problem with a new ASP.NET site that I'm developing with the use of Session variables. I set the main "Session.Timeout = 20" and the "SessionID" on the login page's bacground script page, but the user's session is timing out even though there is activity across related pages on one site. All of the pages are located across different directories within one site on one server. But all of the site's pages are accessed through one central page dynamically through server-side includes. Does anyone know why this is happening? Could it be because the site's dynamic? And if so, how can I get this to work with a dynamic site?

Thanks for any help.
kwilliams
06-29-2006, 02:51 PM
I still haven't received a response, so I thought I'd update this post:

Basically, the session variables are timing out before the session.timeout and session.sessionid methods have timed out. So this is the scenario:

On initial login:
Session("Group") = "A"
Session.Timeout = 20
Session.SessionID = a bunch of code

After 20 minutes of activity:
Session("Group") = ""
Session.Timeout = 20
Session.SessionID = a bunch of code

The session.timeout and session.sessionid variables are staying active properly, but the session("Group") variable is timing out on it's own even though the page is being refreshed by the user (me).

I also tried changing the web.config file itself to set the sessionState, like this:
<configuration>
<appSettings>
</appSettings>
<system.web>
<customErrors mode="Off" />
<SessionState timeout="20" />
</system.web>
</configuration>

...but I received this error message:
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".

<!-- Web.Config Configuration File -->

<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.

<!-- Web.Config Configuration File -->

<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>

...but I already have the "customErrors" set to "Off", so I'm not sure why I'm getting this error message.

Has anyone run into these issues, and if so, is there a solution for it? My operating system is Windows XP, and my test server is running IIS6 if that makes any difference. Thanks for any help.