Summary of setting session expiration time in ASP

If you set session expiration in your program, it won't work even if you set the session time in IIS for 100 hours, because the program will be set up in the program first and only if the program is not set up in accordance with IIS

Time setting to put in front
For example

The code is as follows	Copy Code
Session.timeout=30 ' seesion effective time is 30 minutes Session ("id") =rs ("id") Session ("name") =rs ("name") Session (' Pass ') =rs ("Pass")

Setting the time-out period with the Session.Timeout property

For a user who logs on to an ASP application, if the user does not do anything else within the default time of the system, the user's session is automatically revoked when the time is set, which prevents the system from wasting resources. The TimeOut property of the Session object can be used to set the expiration time, which is in minutes, and is formatted as:

The code is as follows	Copy Code
Session.timeout=maxtime

Instance code: (5.asp) page, this example shows how to control the end of a session.

code is as follows

copy code

<%@ language=" VBScript "%> <% session.timeout=60%> & Lt;html> <body> <% who = Session.SessionID Currentpage=request.servervariables ("Script_name") Response.appendtolog who & ":" & currentpage Response.Write <center> your Session ID: "& Who &" <p> " Response.Write" The page path you are currently accessing is: "& currentpage &" <p> " If session (" I ") =" then session ("I") =1 Else session ("I") ") =session (" I ") +1 End If Session.Abandon Response.Write" This page has been refreshed by you "& Session (" I ") &" times. </centr> %>

asp.net applications, many people encounter session expiration settings in conflict. In which, you can have expiration times for setting sessions around:

One, global Web site (that is, server) level

iis-Web Site-Properties-asp.net-Edit configuration-state Management-session timeout (minutes)-set to 120, that is 2 hours, that is, 120 minutes later if the current user does not have an operation, then sessions automatically expire.

Second, site-level

iis-Web site-specific sites (such as Demosite)-property-asp.net, there are two options, one is "edit global Configuration", one is "edit configuration."

If you edit global configuration, it is the same as the previous configuration.

If edit configuration, it only takes effect for the current Web site. Because a server may have many independent web sites.

1. Continue to select State Management-session timeout (minutes)-set to 360, or 360 minutes. The effect is the same, but only for the current site.

2, identity authentication-forms-cooke timeout, select "12:00:00", that is 12 hours. The options have the following eight items:

00:15:00

00:30:00

01:00:00

02:00:00

04:00:00

08:00:00

12:00:00

1:00:00:00

That is, the longest 24 hours, the smallest 15 minutes. This is the default configuration. Can be freely customized in application.

Third, application-level

With Web site management, except that the scope is limited to the current application.

Four, page level

In a page, set session.timeout = 30 to temporarily modify the session expiration time of a page.

To view the expiration time for a session, you can use the

The code is as follows	Copy Code
TimeSpan sesstimeout = new TimeSpan (0, 0, System.Web.HttpContext.Current.Session.Timeout, 0, 0); TimeSpan sesstimeout = new TimeSpan (0, 0, System.Web.HttpContext.Current.Session.Timeout, 0, 0);

Wherein, the two and three settings are embodied in the Web.config, namely:

The code is as follows

Copy Code

View Plaincopy to Clipboardprint? <?xml version= "1.0"?> <configuration> <system.web> <authentication mode= "Forms" > <forms name= "Authlogin" loginurl= "/login.aspx" protection= "All" timeout= "360" slidingexpiration= "true"/> </authentication> <sessionstate mode= "InProc" cookieless= "false" timeout= "/>" </system.web> <location path= "Login.aspx" > <system.web> <authorization> <allow users= "*"/> </authorization> </system.web> </location> </configuration> <?xml version= "1.0"?> <configuration> <system.web> <authentication mode= "Forms" > <forms name= "Authlogin" loginurl= "/login.aspx" protection= "All" timeout= "360" slidingexpiration= "true"/> </authentication> <sessionstate mode= "InProc" cookieless= "false" timeout= "/>" </system.web> <location path= "Login.aspx" > <system.web> <authorization> <allow users= "*"/> </authorization> </system.web> </location> </configuration>

The above Priority settings are page-level > Application-level > site-level > server-level. In other words, if the page is set to 20 minutes and the site is set to 120 minutes, then it is clear that 20 minutes is the expiration date that takes effect.

Another noteworthy place.

At set two, the session timeout (sessionstate) is set to 120 minutes, with forms authentication, set to "00:15:00", or 15 minutes, and Slidingexpirationo to false. What is the actual session expiration time that is actually in effect?

The effective result is the sessionstate setting, that is, 120 minutes.

If a set session expiration does not take effect, please check the above configuration

other methods found on the Internet

1. Operating system: Widnows Server 2003

Step: Start the--〉 Administration Tools--〉internet Information Services (IIS) Manager--〉 Web site--〉 Default Web site--〉 Right-click "Properties"--〉 home directory--〉 Configure--〉 option--〉 Enable Session state--〉 session timeout (set the timeout time, in minutes). sure you can.

2, ASP. NET application settings for session expiration

In Web applications such as ASP.net, session is a common means of saving user state, but the session expiration setting is necessary because the server memory space is limited. How to set the expiration time of the session in ASP.net, very simply, modify the Web.config configuration.

The specific modification method is as follows, in the Web.config the following configuration

The code is as follows	Copy Code
<system.web> <sessionstate mode= "InProc" timeout= "/>" </system.web>

In this case, the session expiration time is 30 minutes. In other words, 30 minutes later, if the current user does not have an operation, the session automatically expires.

3, in the call session of the CS page, the Load event inside write the following

The code is as follows	Copy Code
Session.Timeout = 30;

4. Store session in ASP.net State service

code is as follows	copy code
< Cookieless= "false" timeout= "sessionstate" mode= "StateServer" stateconnectionstring= "tcpip=127.0.0.1:42424" sqlconnectionstring= "Data source=127.0.0.1;user id=sa;password="/>