Losing Session State

Question

I have an ASP net application where Users aren t able to successfully complete certain actions  for reasons  I m assuming  can only be related to losing their session  which is where I maintain their current user information  and how determine whether they are logged in   I m at a loss as to why they would lose their session  so my first question is   What  in general  would cause a user to lose their session in ASP net   and since I don t know when a user loses their session and can t reproduce it myself   How can I track when I user loses their session  Below is my sessionState config for reference   lt sessionState            mode  InProc             cookieless  false             cookieName  My Site Com             timeout  480   gt

User · Accepted Answer

A number of things can cause session state to mysteriously disappear.

Your sessionState timeout has expired
You update your web.config or other file type that causes your AppDomain to recycle
Your AppPool in IIS recycles
You update your site with a lot of files, and ASP.NET proactively destroys your AppDomain to recompile and preserve memory.

-

If you are using IIS 7 or 7.5, here are a few things to look for:

By default, IIS sets AppPools to turn themselves off after a period of inactivity.
By default, IIS sets AppPools to recycle every 1740 minutes (obviously depending on your root configuration, but that's the default)
In IIS, check out the "Advanced Settings" of your AppPool. In there is a property called "Idle Time-out". Set that to zero or to a higher number than the default (20).
In IIS, check the "Recycling" settings of your AppPool. Here you can enable or disable your AppPool from recycling. The 2nd page of the wizard is a way to log to the Event Log each type of AppPool shut down.

If you are using IIS 6, the same settings apply (for the most part but with different ways of getting to them), however getting them to log the recycles is more of a pain. Here is a link to a way to get IIS 6 to log AppPool recycle events:

http://web.archive.org/web/20100803114054/http://surrealization.com/sample-code/getnotifiedwhenapppoolrecycles/

-

If you are updating files on your web app, you should expect all session to be lost. That's just the nature of the beast. However, you might not expect it to happen multiple times. If you update 15 or more files (aspx, dll, etc), there is a likelyhood that you will have multiple restarts over a period of time as these pages are recompiled by users accessing the site. See these two links:

http://support.microsoft.com/kb/319947

http://msdn.microsoft.com/en-us/library/system.web.configuration.compilationsection.numrecompilesbeforeapprestart.aspx

Setting the numCompilesBeforeAppRestart to a higher number (or manually bouncing your AppPool) will eliminate this issue.

-

You can always handle Application_SessionStart and Application_SessionEnd to be notified when a session is created or ended. The HttpSessionState class also has an IsNewSession property you can check on any page request to determine if a new session is created for the active user.

-

Finally, if it's possible in your circumstance, I have used the SQL Server session mode with good success. It's not recommended if you are storing a large amount of data in it (every request loads and saves the full amount of data from SQL Server) and it can be a pain if you are putting custom objects in it (as they have to be serializable), but it has helped me in a shared hosting scenario where I couldn't configure my AppPool to not recycle couple hours. In my case, I stored limited information and it had no adverse performance effect. Add to this the fact that an existing user will reuse their SessionID by default and my users never noticed the fact that their in-memory Session was dropped by an AppPool recycle because all their state was stored in SQL Server.

User · Answer

I was only losing the session which was not a string or integer but a datarow  Putting the data in a serializable object and saving that into the session worked for me

User · Answer

I was having a situation in ASP NET 4 0 where my session would be reset on every page request  and my SESSION START code would run on each page request    This didn t happen to every user for every session  but it usually happened  and when it did  it would happen on each page request   My web config sessionState tag had the same setting as the one mentioned above   cookieless  false    When I changed it to the following     cookieless  UseCookies        the problem seemed to go away   Apparently true false were old choices from ASP NET 1   Starting in ASP Net 2 0  the enumerated choices started being available   I guess these options were deprecated   The  false  value has never presented a problem in the past - I ve only noticed in on ASP NET 4 0   I don t know if something has changed in 4 0 that no longer supports it correctly   Also  I just found this out not long ago   Since the problem was intermittent before  I suppose I could still encounter it  but so far it s working with this new setting

User · Answer

You could add some logging to the Global asax in Session Start and Application Start to track what s going on with the user s Session and the Application as a whole   Also  watch out of you re running in Web Farm mode  multiple IIS threads defined in the application pool  or load balancing because the user can end up hitting a different server that does not have the same memory   If this is the case  you can switch the Session mode to SQL Server

User · Answer

Your session is lost becoz       I have found a scenario where session is lost - In a asp net page  for a amount text box field has invalid characters  and followed by a session variable retrieval for other purpose After posting the invalid number parsing through Convert ToInt32 or double raises a first chance exception  but error does not show at that line  Instead of that  Session being null because of unhandled exception  shows error at session retrieval  thus deceiving the debugging     HINT  Test your system to fail it- DESTRUCTIVE   enter enough junk in unrelated scenarios for ex  after search results shown enter junk in search criteria and goto details of search result      you would be able to reproduce this machine on your local code base too       Hope it Helps  hydtechie

User · Answer

Dont know is it related to your problem or not BUT Windows 2008 Server R2 or SP2 has changed its IIS settings  which leads to issue in session persistence  By default  it manages separate session variable for HTTP and HTTPS  When variables are set in HTTPS  these will be available only on HTTPS pages whenever switched   To solve the issue  there is IIS setting  In IIS Manager  open up the ASP properties  expand Session Properties  and change  New ID On Secure Connection to False

User · Answer

Had a problem on IIS 8 when retrieving Content via Ajax  The issue was that MaximumWorkerProcesses was set to 2 and Javascript opened 17 concurrent requests  That was more than the AppPool could handle and a new pool  without auth-data  was opened   Solution was to Change MaximumWorkerProcesses to 0 in IIS - gt  Server - gt  Application Pools - gt   myPool  - gt  Advanced Settings - gt  Process Model - gt  MaximumWorkerProcesses

User · Answer

In my case setting AppPool- AdvancedSettings- Maximum Worker Proccesses to 1 helped

[asp.net] Losing Session State

Examples related to asp.net

Examples related to iis

Examples related to session