Session Timeout Detail settings in C # webconfig

Session timeout in Webconfig detailed settings

When we set the session timeout in Webconfig, if the last address is a remote server, many of our properties are not required and are not set, and if you do, you cannot make the session timeout work. I am doing the current program, this is the case, when writing sessionstate, as follows, the timeout time set by the session will not work, but after the use of some properties, it will work.

Settings that do not work on the server after it is released:

<sessionstate mode= "InProc"

stateconnectionstring= "tcpip=127.0.0.1:42424"

sqlconnectionstring= "Data source=127.0.0.1; Trusted_connection=yes "

cookieless= "false"

timeout= "/> "

Settings that can work on the server after it is released:

<sessionstate mode= "InProc"

cookieless= "false"

timeout= "/> "

Because after reading the following article, know that stateconnectionstring and sqlconnectionstring are the options that are required when setting mode is StateServer and SQL Server, However, when mode is configured as InProc, it is not required. The 127.0.0.1 in stateConnectionString and sqlConnectionString is the default setting, but when it is a remote server, it needs to be changed to its effect, but the best and easiest method is the most common method, Is what I'm writing in the second configuration.

Specific reference articles are as follows:

From:http://www.cnitblog.com/seeyeah/archive/2008/01/25/22089.html

Reprinted from: http://www.cnblogs.com/sbitxg521/archive/2008/11/18/1335566.html

After opening the configuration file for an application, Web. config, we will find the following paragraph:

< sessionstate

Mode= "InProc"

Stateconnectionstring= "tcpip=127.0.0.1:42424"

sqlconnectionstring= "Data source=127.0.0.1; Trusted_connection=yes "

Cookieless= "false"

Timeout= "20"

/>

This section is about configuring how the application stores session information. The following operations are mainly for this section of the deployment. Let's take a look at the meaning of the content contained in this section of the configuration. The syntax for the sessionstate node is this:

< sessionstate mode= "off| inproc| stateserver| SQL Server "

cookieless= "True|false"

timeout= "Number of minutes"

stateconnectionstring= "Tcpip=server:port"

sqlconnectionstring= "SQL connection string"

statenetworktimeout= "Number of seconds"

/>

Required properties are

Property Options Description

Mode settings where to store the session information

OFF is set to do not use the session function

The InProc is set to store the session inside the process, which is the default value for storage in ASP.

The StateServer is set to store the session in a separate state service.

SQL Server settings stores the session in a

The optional properties are:

Property Options Description

Cookieless set where the client's session information is stored

Ture using cookieless mode

False use cookie mode, which is the default value.

Timeout sets the number of minutes after which the server automatically discards session information. Default is 20 minutes

stateConnectionString Sets the server name and port number used when the session information is stored in the State service, for example: "tcpip=127.0.0.1:42424". When the value of mode is StateServer Yes, this property is required.

sqlConnectionString Sets the connection string when connecting to SQL Server. For example, "Data source=localhost;integrated security= sspi;initial catalog=northwind". This property is required when the value of mode is SQL Server.

stateNetworkTimeout settings when the session state is stored using StateServer mode, the TCP/IP connection to the server that stores the state information is disconnected after the number of seconds that the Web server is idle. The default value is 10 seconds.

Asp. The storage of client session state in net

In the introduction of the session model above, we can find that the session state should be stored in two places, namely the client and server side. The client is only responsible for saving the SessionID of the corresponding website, while the other session information is saved on the server side. In ASP, the SessionID of the client is actually stored in the form of a cookie. If a user chooses to disable cookies in the browser's settings, he or she will not be able to enjoy the convenience of the session or even have access to certain websites. In order to solve the above problems, in ASP. NET client's session information storage methods are divided into: two kinds of cookies and cookieless.

Asp. NET, by default, the session information is stored on the client or using a cookie. If we want to store session information as a client using cookieless, here's how:

Locate the root directory of the current Web application, open the Web. config file, and locate the following paragraph:

< sessionstate

Mode= "InProc"

Stateconnectionstring= "tcpip=127.0.0.1:42424"

sqlconnectionstring= "Data source=127.0.0.1; Trusted_connection=yes "

Cookieless= "false"

Timeout= "20"

/>

The cookieless= "false" in this paragraph is replaced by the following: Cookieless= "true", so that the client session information is no longer stored using a cookie, but rather it is stored through a URL. Close the current IE, open a new IE, revisit the Web application, and you will see something like this:

In http://localhost/MyTestApplication/(ulqsek45heu3ic2a5zgdl245)/default.aspx, the client's session ID is marked in bold. Note that this information is automatically added by IIS and does not affect the previous normal connection.

Asp. The storage of server-side session state in net

Preparatory work

For you to experience the experiment better, you can create a page called sessionstate.aspx, and then add the following code to the < body>< /body>.

< scriptrunat= "Server" >

Sub Session_add (sender as Object, E as EventArgs)

Session ("mysession") = Text1. Value

Span1. InnerHtml = "Session data updated! < p>your Session contains: < font color=red> "& Session (" MySession "). ToString () & "< /font>"

End Sub

Sub checksession (sender as Object, EAs EventArgs)

If (Session ("mysession") is Nothing) then

Span1. InnerHtml = "Nothing, SESSION DATA lost!"

Else

Span1. InnerHtml = "Your session contains: < font color=red>" & Session ("MySession"). ToString () & "</FONT>"

End If

End Sub

< /script>

< formrunat= "server" id= "Form2" >

< inputid= "Text1" type= "text" runat= "server" name= "Text1" >

< inputtype= "submit" runat= "Server" onserverclick= "Session_add "

Value= "ADD to Session State" id= "Submit1" name= "Submit1" >

< inputtype= "submit" runat= "Server" onserverclick= "Checksession "

Value= "View Session State" id= "Submit2" name= "Submit2" >

< /form>

< hrsize= "1" >

< fontsize= "6" >< spanid= "span1" runat= "Server"/>< /font>

This sessionstate.aspx page can be used to test if the session information is missing on the current server.

Storing server session information in a process

Let's go back to the paragraph in the Web. config file just now:

< sessionstate

Mode= "InProc"

Stateconnectionstring= "tcpip=127.0.0.1:42424"

sqlconnectionstring= "Data source=127.0.0.1; Trusted_connection=yes "

Cookieless= "false"

Timeout= "20"

/>

When the value of mode is InProc, it indicates that the server is using this mode.

This approach is the same as in the previous ASP, where the server stores session information in the IIS process. When IIS shuts down and restarts, this information is lost. But this model also has its own greatest benefit, is the highest performance. All session information should be stored in the IIS process, so IIS can quickly access this information, which is much faster than storing session information out of process or storing session information in SQL Server. This mode is also the default for ASP.

Okay, now let's do an experiment. Open the Sessionstate.aspx page and enter some characters to store it in the session. Then, let's let IIS restart. Note that instead of stopping the current site from starting, you can choose to restart IIS by right-clicking on the node of the native machine name in IIS. (If you want to use NT4, restart IIS must restart the computer before the line, Microsoft really @#$%^&) back to the Sessionstate.aspx page, check the session information just now, found that the information has been lost.

Store server session information outside the process

First, let's open the management tools, service, and find a service named: ASP. NET State service to start it. In fact, the service is to start a process to save the session information. After starting this service, you can see a process called Aspnet_state.exe from the Windows Task Manager, which is the process in which we save the session information.

Then, go back to the above paragraph in the Web. config file and change the value of mode to StateServer. After saving the file, reopen an IE, open the sessionstate.aspx page and save some information to the session. At this point, let us restart IIS, and then go back to the Sessionstate.aspx page to view the session information just now, found not lost.

In fact, the way the session information is stored out-of-process refers not only to the process of storing information in the local computer, but also to the process of storing the session information in other servers. In this case, you need not only change the value of mode to StateServer, but also configure the corresponding parameters in the stateconnectionstring. For example, your calculation is 192.168.0.1, and you want to store the session in the process of the IP-192.168.0.2 computer, you need to set it up like this: stateconnectionstring= "tcpip=192.168.0.2: 42424 ". Of course, don't forget to load the. NET Framework in the 192.168.0.2 computer and start the ASP.

Store the server session information in SQL Server

First of all, let's do some preparatory work. Start SQL Server and the SQL Server Agent service. Execute a script file called InstallSqlState.sql in SQL Server. This script file will create a database in SQL Server dedicated to storing session information, and a SQL Server Agent job that maintains the session information database. We can find the file in the following path:

[System drive]\winnt\microsoft.net\framework\[version]\

Then open Query Analyzer, connect to the SQL Server server, open the file you just made and execute. Wait a moment, the database and the job is set up. At this point, you can open Enterprise Manager and see a new database called ASPState. But this database is just a few stored procedures, no user tables. The session information is actually stored in the ASPStateTempSessions table in the tempdb database, and the other Aspstatetempapplications table stores the Application object information in the ASP. These two tables were also created by the script just now. In addition to view Management->sql Server Agent----jobs, found also a job called aspstate_job_deleteexpiredsessions, The job is actually to remove the expired session information from the ASPStateTempSessions table every minute.

Next, we go back to the Web. config file and change the value of mode to SQL Server. Note that you also want to modify the value of the sqlconnectionstring at the same time, in the format:

sqlconnectionstring= "Data source=localhost; Integrated Security=sspi; "

Where data source refers to the IP address of the SQL Server server, if SQL Server and IIS are a machine, write 127.0.0.1. Integrated SECURITY=SSPI means that Windows Integrated authentication is used, so that access to the database is made as an ASP, and by this configuration, SQL can be obtained that is more than using the userid=sa;password= password Better security for server authentication. Of course, if SQL Server is running on another computer, you may need to maintain the consistency of validation on both sides of the way through Active Directory domains.

Again, let's do an experiment. Add session information to the sessionstate.aspx, then found that the session information already exists in SQL Server, even if you restart the computer, just the session information will not be lost. Now, you have completely seen what the session information is like, and is stored in SQL Server, what can be seen in your play, haha.

Summarize

Through this article, you can see the management and maintenance of the session, ASP. NET than ASP has made great progress, we can more arbitrarily choose the appropriate method. For enterprise-class applications, this is undoubtedly beneficial for server synchronization, server stability, and reliability. I believe that with the strong support of Microsoft, the next generation of e-commerce platform will be built better!

At the same time, you will find that the entire technology includes the integration of operating systems, Web services, and database technologies. I believe that maybe Windows is not stable with UNIX, IIS is not Apache stable, SQL Server is not as powerful as Oracle, but who can bring them together so perfectly? So, although Microsoft is not too strong in every respect, but if Microsoft's things are integrated together, who dare say he is not strong? Microsoft is Microsoft!

from:http://bbs.zxbc.cn/viewthread.php?tid=24539

Questions about session settings in Web. config

Session state requests cannot be made to the session-state server. Make sure that the ASP. NET State Service (ASP) is started and that the client port is the same as the server port. If the server is on a remote computer, check the Hkey_local_machine\system\currentcontrolset\services\aspnet_state \parameters\ The value of allowremoteconnection to ensure that the server accepts remote requests. If the server is on the local computer and the registry value mentioned above does not exist or is set to 0, the state server connection string must use "localhost" or "127.0.0.1" as the server name.

Look what's going on.

<sessionstate mode= "StateServer" stateconnectionstring= "tcpip=localhost:42424" timeout= "> < SsionState" >

I added this code in Web. config

After the cause of

From:http://msdn2.microsoft.com/zh-cn/system.web.sessionstate.httpsessionstate.timeout (VS.80). aspx

MSDN Sample

The following code example sets the timeout session property to 30 minutes in the Web. config file.

Copy Code

<configuration>

<system.web>

<sessionstate

Mode= "InProc"

Cookieless= "true"

Timeout= "/>"

</system.web>

</configuration>

Session Timeout Detail settings in C # webconfig