Summary of methods for setting session expiration time in ASP

Last Update:2015-01-16 Source: Internet

Author: User

Tags session id set time server memory

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Http://www.jb51.net/article/31217.htmasp Set Session Expiration Time method summary font: [Increase decrease] Type: Reprint ASP in the default session expires in 20 minutes, in many cases is not enough, Today there are many customer requirements to re-login, so prepared this article, convenient friends if the program does not set the session expiration time, then the session expiration time will follow the IIS set expiration time to execute, IIS in the default expiration time is 20 minutes, Session time can be changed in IIS

time settings to be placed in front

For example
Copy CodeThe code is as follows:
Session.timeout=30 ' seesion effective time is 30 minutes
Session ("id") =rs ("id")
Session ("name") =rs ("name")
Session ("Pass") =rs ("Pass")

setting the time-out period using the Session.Timeout property

For a user logged in to an ASP application, if the user does not do anything else in the default time of the system, the user's Session will be automatically revoked when the set time is reached, thus preventing the system from wasting its resources. The TimeOut property of the Session object can be used to set the expiration time, in minutes, in the format:

Copy CodeThe code is as follows:
Session.timeout=maxtime
Instance code: (5.asp) page, this example shows how to control the end of a session.
Copy CodeThe code is as follows:
<%@ language= "VBScript"%>
<% session.timeout=60%>
<body>
<%
who = Session.SessionID
Currentpage=request.servervariables ("Script_name")
Response.appendtolog Who & ":" & CurrentPage
Response.Write "<center> your Session ID:" & Who & "<p>"
Response.Write "The page path you are currently visiting is:" & currentpage & "<p>"
If Session ("I") = "" Then
Session ("I") =1
Else
Session ("I") =session ("I") +1
End If
Session.Abandon
Response.Write "This page has been refreshed by you" & Session ("I") & "Times". </centr> "
%>

In an ASP. NET application, many people encounter a conflict with the session expiration setting. Where you can set the expiration time of the session everywhere:

One, global Web site (that is, server) level

iis-Web Site-Properties-asp.net-Edit configuration-state Management-session timeout (minutes)-set to 120, which is 2 hours, or 120 minutes after the session expires automatically if the current user does not operate.

Second, the site-level

iis-Website-specific sites (such as demosite)-attribute-asp.net, there are two options, one is "edit global Configuration" and one is "edit configuration".
If you edit global configuration, it is the same as the previous configuration.
If edit configuration, it is only valid for the current site. Because a server may have many independent sites.
1. Continue to select "State Management"-session timeout (minutes)-set to 360, or 360 minutes. The effect is the same, but only for the current site.
2, identity authentication-forms-cooke timeout, select "12:00:00", that is, 12 hours. There are eight options available:
00:15:00
00:30:00
01:00:00
02:00:00
04:00:00
08:00:00
12:00:00
1:00:00:00
That is, the maximum 24 hours, the minimum 15 minutes. This is the default configuration. Can be freely customized in the application.

third, application-level

With Web site management, except that scopes are limited to current applications.

four, page level

On a page, set session.timeout = 30 to temporarily modify the session Expiration time for a page.
To view the expiration time of a session, you can use
Copy CodeThe code is as follows:
TimeSpan sesstimeout = new TimeSpan (0, 0, System.Web.HttpContext.Current.Session.Timeout, 0, 0);
TimeSpan sesstimeout = new TimeSpan (0, 0, System.Web.HttpContext.Current.Session.Timeout, 0, 0);
The settings for two and three, which are shown in Web. config, are:
Copy CodeThe code is as follows:
View Plaincopy to Clipboardprint?
<?xml version= "1.0"?>
<configuration>
<system.web>
<authentication mode= "Forms" >
<forms name= "Authlogin" loginurl= "/login.aspx" protection= "All" timeout= "" slidingexpiration= "true"/>
</authentication>
<sessionstate mode= "InProc" cookieless= "false" timeout= "/>"
</system.web>
<location path= "Login.aspx" >
<system.web>
<authorization>
<allow users= "*"/>
</authorization>
</system.web>
</location>
</configuration>
<?xml version= "1.0"?>
<configuration>
<system.web>
<authentication mode= "Forms" >
<forms name= "Authlogin" loginurl= "/login.aspx" protection= "All" timeout= "" slidingexpiration= "true"/>
</authentication>
<sessionstate mode= "InProc" cookieless= "false" timeout= "/>"
</system.web>
<location path= "Login.aspx" >
<system.web>
<authorization>
<allow users= "*"/>
</authorization>
</system.web>
</location>
</configuration>
The above settings are prioritized at page level > application level > Site level > Server level. In other words, if the page is set to 20 minutes and the site is set to 120 minutes, then it obviously takes 20 minutes for the expiration time to take effect.

Another notable area.

At set two, set the session timeout (sessionstate) for 120 minutes, while using forms authentication, set to "00:15:00", which is 15 minutes, and Slidingexpirationo to False, What is the expiration time of the session that actually takes effect?

The valid result is the sessionstate setting, which is 120 minutes.

If you have set the session expiration time does not take effect, please check the above configuration

other methods found on the Web

1. Operating system: Widnows Server 2003
Step: Start--〉 Administrative Tools--〉internet Information Services (IIS) Manager--〉 site--〉 Default Web site--〉 Right-click Properties--〉 Home Directory--〉 Configure--〉 options--〉 Enable Session-State--〉 session timeout (set the time-out you want here, in minutes). Ok.
2, ASP. NET application, setting the session Expiration time
In Web applications such as ASP. Session is a common means of saving user state, but because the server memory space is limited, the session expiration time setting is necessary. In ASP. How to set the session expiration time, very simple, modify the Web. config configuration.
The specific modification method is as follows and is configured in Web. config as follows
Copy CodeThe code is as follows:
<system.web>
<sessionstate mode= "InProc" timeout= "/>"
</system.web>
This refers to the session expiration time of 30 minutes. That means after 30 minutes, if the current user does not operate, then the session will automatically expire.
3, in the call session of the CS page, the Load event to write the following
Copy CodeThe code is as follows:
Session.Timeout = 30;
4. Store session in ASP.
Copy CodeThe code is as follows:
<sessionstate cookieless= "false" timeout= "480" mode= "StateServer" stateconnectionstring= "tcpip=127.0.0.1:42424" sqlconnectionstring= "Data source=127.0.0.1;user id=sa;password="/>

Summary of methods for setting session expiration time in ASP

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More