开发者

IIS Session State Server stops working after 30-60 minutes

So we have three 2008 R2 Servers where two are configured to be web servers (IIS 7.5), and the third a session state server. I have set the SessionState and MachineKey settings in the applications web.config. After I restart the two web servers I can log into one server, then change the IP address to the other server, and I am still logged in. Success.

I can typically log in/out with any user account I want, change the ip address back and forth, and all is well until some random time between 30-60 minutes when I log in to one server, change the IP address, and the new server asks for credentials.

This is the sessionState setting in both web.configs:

<sessionState mode="StateServer" stateConnectionString="tcpip=xxx.xxx.xxx.xxx:42424" cookieless="开发者_高级运维false" timeout="30"/>

The application resides under the default web site, and uses the default application pool. I am using forms authentication with a timeout of 20 minutes. I am not receiving any error events on any of the three servers when this happens, and restarting the two web servers fixes the problem for a while. The two web servers are not clustered per-se, but will be served round-robin via a network device.

Any assistance would be appreciated.


Check that you have slidingExpiration="true" in authentication->forms element.


Session Timeout and Forms Auth Timeout are not the same nor do they stay in sync. The Forms Auth is asking for credentials because it has timed out. Check into the SlidingExpiration. The state server doesn't care, it will just blow up if you reference something that has expired. Also, read carefully about how SlidingExpiration works, its tricky:

Sliding expiration resets the expiration time for a valid authentication cookie if a request is made and more than half of the timeout interval has elapsed.

Handling session and authentication timeouts in ASP.Net

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜