Increasing Session TimeOut

前端 未结 1 1066
清酒与你
清酒与你 2021-02-19 10:33

Site hosted via IIS 7.0

I would like to set my session time-out to 9 hours in my ASP.NET application.
This has been set at web.config



        
相关标签:
1条回答
  • 2021-02-19 11:35

    Firstly, I would like to confirm whether this assumption is right.

    Yes, this assumption is absolutely right in case you are using in-memory session state mode. In this case the session is stored in memory and since IIS could tear down the AppDomain under different circumstances (period of inactivity, CPU/memory tresholds are reached, ...) the session data will be lost. You could use an out-of-process session state mode. Either StateServer or SQLServer. In the first case the session is stored in the memory of a special dedicated machine running the aspstate Windows service and in the second case it is a dedicated SQL Server. The SQL Server is the most robust but obviously the slowest.

    1) Whether the refresh method will work for my scenario , even if the page is minimized?

    The hidden iframe still works to maintain the session alive but as I said previously there might be some conditions when IIS unloads the application anyway (CPU/memory tresholds are reached => you could configure this in IIS as well).

    2) Are there any other methods that could increase session time out that overrides IIS timeout setting?

    The previous method doesn't increase the session timeout. It simply maintains the session alive by sending HTTP requests to the server at regular intervals to prevent IIS from bringing the AppDomain down.

    3) Also I read some questions in Stack Overflow where the answers state that the IIS session timeout is for clasic ASP pages. Then why is not my extended timeout not firing?

    There is no such thing as IIS session timeout. The session is an ASP.NET artifact. IIS is a web server that doesn't know anything about sessions.

    Personally I don't use sessions in my applications. I simply disable them:

    <sessionState mode="Off"></sessionState>
    

    and use standard HTTP artifacts such as cookies, query string parameters, ... to maintain state. I prefer to persist information in my backend and retrieving it later using unique ids instead of relying on sessions.

    0 讨论(0)
提交回复
热议问题