I have a page (View), which sends AJAX queries in some intervals. User can work with this page very long time. But session expired in about 40-60 minutes. So AJAX-requests don't return usefull information.
My Web.config
<system.web>
<sessionState
timeout="259200"
cookieName="SunTest.SessionId"
regenerateExpiredSessionId="true"
sqlCommandTimeout="200"
stateNetworkTimeout="200">
</sessionState>
<roleManager enabled="true" defaultProvider="SqlProvider" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="259200" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
<providers>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlServices" applicationName="/" />
</providers>
</roleManager>
<authentication mode="Forms">
<forms loginUrl="~" timeout="259200" protection="All" />
</authentication>
I've changed my web.config
<appSettings>
<add key="enableSimpleMembership" value="false" />
<add key="autoFormsAuthentication" value="false" />
</appSettings>
<system.web>
<sessionState
mode="SQLServer"
allowCustomSqlDatabase="true"
sqlConnectionString="Data Source=servername;Initial Catalog=dbname;User ID=username;Password=password"
timeout="259200"
cookieName="SunTest.SessionId"
regenerateExpiredSessionId="true"
sqlCommandTimeout="200"
stateNetworkTimeout="200">
</sessionState>
<roleManager createPersistentCookie="true" enabled="true" defaultProvider="SqlProvider" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="259200" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All">
<providers>
<add name="SqlProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlServices" applicationName="/" />
</providers>
</roleManager>
<authentication mode="Forms">
<forms domain="help2b-2.hosting.parking.ru" name="ASPXFORMSAUTH" path="/" loginUrl="~" slidingExpiration="true" cookieless="UseCookies" timeout="259200" requireSSL="false" />
</authentication>
It makes these cookies:
So, there are 3 cookies:
SunTest.SessionId. 301 byte. Expires - Session.
ASPXFORMSAUTH. 301 byte. Expires - Session.
.ASPROLES. 565 byte. Expires - Tue, 10 Jul 2012 04:14:48 GMT
But after several minutes (something about 30-40), it deletes the .ASPROLES cookie. The user is signed out. So, AJAX queries don't work.
What is wrong with this config?
Are all your users losing session state at the same time? If so, your app pool could be recycling. There are several reasons why this can happen.
I would recommend you consider setting up your user session management so that it is able to survive application and session restarts. Here are some options.
Had the same problem, added the below two appSettings:
<add key="enableSimpleMembership" value="false" />
<add key="autoFormsAuthentication" value="false" />
My Forms:
<forms name="ASPXFORMSAUTH" path="/" domain="something.com" loginUrl="~/Account/LogOn" cookieless="UseCookies" slidingExpiration="true" timeout="1441" requireSSL="false" />
works well now!
A lot of the stated goals of MVC were to move to a stateless model - how much application change can you make to move to a stateless model? If you were to add some identifying information to your ajax calls and make them stateless, using session state wouldn't be a dependency (over simplified, of course - I have no idea what your app is doing).
How are you creating your form tag?
Are you using IIS 7? In case take a look at:
Application pool’s Idle Time-out(minutes)
Session state – State server’s Time-out (seconds)
来源:https://stackoverflow.com/questions/8780476/asp-net-mvc-3-session-expired-too-quickly