发表新帖
发表新帖

random IIS session timeout

前端 未结
关注
3 1077
礼貌的吻别
礼貌的吻别 2021-01-24 02:23

I have a very strange problem and I am looking for any advice. I have a ASP.NET website running off of IIS 6 which works well for the most part. However, the sessions seem to be

相关标签:
3条回答
  • 悲&欢浪女
    2021-01-24 02:38

    to answer my own question:

    this link was very helpful:

    http://msdn.microsoft.com/en-us/library/ms972429.aspx

    namely this part:

    Server farm limitations. As users move from server to server in a Web server farm, their session state does not follow them. ASP session state is machine specific. Each ASP server provides its own session state, and unless the user returns to the same server, the session state is inaccessible. While network IP level routing solutions can solve such problems, by ensuring that client IPs are routed to the originating server, some ISPs choose to use a proxy load-balancing solution for their clients. Most infamous of these is AOL. Solutions such as AOL's prevent network level routing of requests to servers because the IP addresses for the requestor cannot be guaranteed to be unique.

    I switched my login/logout session to be purely cookie based (all i need for my solution)...for a more secure implimentation I think ASP.NET has built in Profile's ...as well as...ASP.NET sessions stored in your datebase...which i did not feel like researching /implimenting at the time.

    Andrew

    0 讨论(0)
  • 离开以前
    2021-01-24 02:41

    Your asp.net application may be recycled. Recycling can happen if a memory or cpu threshold is reached, or after a while (15 min inactivity used to be the default on IIS6).

    When the application is recycled, everything in memory is lost. It could be why you lose session data.

    To make sure recycling is the culprit, you can look at the performance counter on your server, or just log something in the Application_Start global.asax handler.

    For a list of asp.net performance counters on IIS6, check https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0a6c9f07-a70c-4c3d-b93d-5dfef593c744.mspx?mfr=true

    The counters for "Application restarts" and "Worker process restarts" are the one you should be looking at.

    0 讨论(0)
  • 面向向阳花
    2021-01-24 02:45

    Do you have more than one web server in a load-balanced cluster? I've had this problem when the encryption key is different between the 2 servers in the cluster. Whenever the load balancing switches you to another server, .Net can't decrypt the cookie so it thinks it's bad and sends you back to the login page.

    Here's the MSDN article about this.

    0 讨论(0)
 看不清?
提交回复
热议问题