My users are constantly logged off the web app, so I am trying to use <sessionState mode="StateServer" cookieless="false" timeout="480" /> but I get a server error 500 because JQGrid cannot be serialized. Any ideas?
Change Webconfig sessionState to InProc and change IIS WorkerProcess to 1
"<system.web>
<sessionState mode="InProc" timeout="25"></sessionState>
I stopped using
Session["MyGridState"] = model.MyGrid.GetState();
Related
I add value to my session object in Outlook web addin
but my different controller session object is null
Attempted Solutions
I set the following in my web config
<sessionState mode="InProc" timeout="20" />
I set the following in my web config
<remove name="Session" />
<add name="Session" type="System.Web.SessionState.SessionStateModule"/>
Other Items I've tried
Made sure wasn't in the web.config
Tried enabling and running with SSL
Running in release mode
Ensured no Session.Abandon(); or Session.Clear();
Made sure no virus scans were running
Did a search to make sure I wasn't updating elsewhere
Ensured my ASP.NET State Service was running
Tried adding in [WebMethod(EnableSession = true)]
I've ensured I have cookies enabled
I upgraded Kentico site into version Kentico version 11. I am getting error of
Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the \ section in the application configuration.
I performed solution for that:
I applied in web.config
sessionState cookieless="UseCookies" mode="InProc"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
stateConnectionString="tcpip=127.0.0.1:42424" timeout="20"
but not working.
I also added in page tag in web.config
pages enableSessionState="true" validateRequest="false" clientIDMode="AutoID"
controlRenderingCompatibilityVersion="4.0"
but not working.
I also start ASP.Net services but not working.
My .Net framework is 4.6
Correction on my last post now that i have a normal web.config in front of me.
Default Session State is:
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="20" />
Nothing else on the pages part. Try that. Emphasis on the cookieless="false" as that is different than your configuration.
at your web.config add the following
<modules runAllManagedModulesForAllRequests="true">
.
.
.
.
</modules>
I have a asp.net MVC 3.0 website hosted on a subdomain of a main website . Asp.net version is set to .Net 4.0 integrated pipeLine .
the Forms Authentication settings is as below :
<authentication mode="Forms">
<forms
cookieless="UseCookies"
defaultUrl="~/home"
enableCrossAppRedirects="false"
path="/"
requireSSL="false"
loginUrl="~/account/login"
protection="All"
timeout="120"
slidingExpiration="true"
name=".SubDomainAuthCookie"></forms>
</authentication>
but it logs me out just after few minutes each time ! the Host Admins say that is maybe because of improper coding or heavy tasks that cause the application pool to reset , but it's a simple mvc website with EF ORM . I can't figure out what to do ! what should I look for as possible cause of this situation ?
Update :
after checking Application_Start , I find that it's the problem , I logged Application_Start() and the result is whenever I'm being logged out , a log is added .
12/6/2012 12:14:03 PM ==> Application started
12/6/2012 12:16:35 PM ==> Application started
12/6/2012 12:22:59 PM ==> Application started
strange ,but real . there is nothing complicated or heavy in the logic ! Could EF be the problem , does it consume a lot of memory/CPU that cause application pool to reset ?
Check there's no other application using name=".SubDomainAuthCookie". These applications can overwrite their cookies.
Are you using FormsAuthentication.SetAuthCookie before calling FormsAuthentication.RedirectFromLoginPage in login page? If not, probably authentication cookies are not set properly.
Try to log Application_End of global.asax.cs to know if your app is recycling too much.
protected void Application_End(object sender, EventArgs e)
{
/log the Application_End/
}
As mentioned by #ZippyV in one of the answers below, the reason behind this is that IIS is by default set to automatically generate a pair of keys for decryption and validating authorization cookie contents (as well as other things) on each AppPool recycle called MachineKey. Also mentioned in this question
When this key is changed, stored authorization cookie contents on all browsers is no longer readable and authorization is lost.
The most simple remedy is to use a static MachineKey in your web.config
Also try to set the cookies to be the parent domain. more info here.
I had this problem too when my hosting provider recycled my site's process too often. For some reason the authentication cookie becomes invalid because the encryption/decryption keys change. And so your site is not able to read the authentication cookie anymore.
You can solve this problem by specifying the keys in your web.config so that they can't get changed by your hosting provider:
Go to http://aspnetresources.com/tools/machineKey and click the button
Copy the generated tag
Open your web.config file and paste the generated tag inside <system.web>
You also want to set the expire time of cookie which has been generated while you log in.
And in form authentiction you have to use this.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, //Here Userinformation, DateTime.Now, DateTime.Now.AddDays(1), false, string.Empty);
Here i have set the expire of cookie to DateTime.Now.AddDays(1) (loggin date+1day) so its too long it will be logged in.
So the created ticket will be expired on next day from when you logged in.
And in Web.Config
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
Now for a long time you can be logged in.
Hope it helps!!!
Check these links for deeper clarification on create loggin and expire time.
http://www.hanselman.com/blog/WeirdTimeoutsWithCustomASPNETFormsAuthentication.aspx
And
http://codeasp.net/blogs/vivek_iit/microsoft-net/848/forms-authentication-timeout-vs-session-state-timeout
Have you checked value in SessionState? It's default value is 20 Mins. You need to update it to same or greater than form authentication ticket.
Please add/update following tag in your configuration file.
**<sessionState timeout="120" />**
Im trying to use elfinder in my MVC 3 application and using this .NET connector
: http://elfinderconnectornet.codeplex.com/ for elfinder. And this connector works with http handler configured in section in WebConfig. For example:
for url like :
192.168.0.17:9002/elfinder.connector?_=1347370006351&cmd=open&target=&init=true&tree=......
i have a handler in web config
<system.web>
<httpHandlers>
<add verb="*" path="elfinder.connector" type="ElFinder.Connector.Connector" />
</httpHandlers>
</system.web>
and in global.asax.cs routes.IgnoreRoute("elfinder.connector");to ignore this url in "Controller/Action" routing.
When im running this code in VisualStudio localhost all works fine but on IIS 7 i have an 404 error.
May be IIS have custom config for httphandlers? some checkbox need to be checked :)
Any idea?
I received the same error because I didn't have read permissions on the directory. You must give, at least, read permission to see the folders and files.
Hope it helps. Regards.
I have a strange error I have never run into before.
I secured a controller with:
[Authorize(Roles = "admin")]
public class LoggingController : Controller
When a non-admin user tries to access any protected content, they are redirected to:
http://localhost:50501/Account/Login?ReturnUrl=%2flogging
note: account/login and NOT account/logon
The AccountController.Login action does not exist.
web.config has:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
I can of course implement the Login action and redirect to Logon.
I am just puzzled and would like to know why this happens.
Search your project for login - it has to be specified somewhere. Is there any other web.config value overriding this (maybe looking at a child root and the parent value is being used)
Also is there any redirect that is happening? Are there any defaults set in your machine's web.config?
Is your default url on the project set to be a /login?
Install glimpse route debugger to see which route is being used for this page as well.
EDIT:
A little more research yields a known issue.
Check out this link:
ASP.NET MVC issue with configuration of forms authentication section
Theres a bug in mvc 3 beta - are you running the beta bits?
Also notice the mentioned item in the above url for RTM bits:
<add key="loginUrl" value="~/LogOn" />
Also check out
http://forums.asp.net/p/1616153/4138366.aspx
EDIT 2
Below is a solid comment about a potential source of this from #santiagoIT (upvote his comment please if the specifics help you)
Today I discovered the root of this problem: I had added 'deployable dependency' on 'ASP.NET Web Pages with Razor Syntax'. This adds a reference to: WebMatrix.Data.dll This assembly has a class with a static constructor that does the following: static FormsAuthenticationSettings(){ FormsAuthenticationSettings.LoginUrlKey = "loginUrl"; FormsAuthenticationSettings.DefaultLoginUrl = "~/Account/Login";} That explains!
This worked for me and I'm using MVC 3
<appSettings>
<add key="loginUrl" value="~/Account/LogOn" />
</appSettings>
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" name=".ASPXFORMSAUTH" />
</authentication>
</system.web>
Also I found that adding the followinf part to the web config (only during debugging the config) helped speed up my debugging as had to authenticate for ANY page.
<authorization>
<deny users="?" /> <!-- remove after debugging -->
</authorization>
Just simply remove the WebMatrix dll if they are present in your deployed bin folder.
I fixed it this way
1) Go ot IIS
2) Select your Project
3) Click on "Authentication"
4) Click on "Anonymous Authentication" > Edit > select "Application pool identity" instead of "Specific User".
5) Done.