session cookie dissappears

[Guest]

I store the authenticated user in a session cookie. This cookie expires after
an hour. Now for some reason sometimes the client browser decides not to send
the session cookie information with a new request. This means the server
receives a request without user information and redirect the user to the
login page.

Somebody any bright ideas?

TX!


best regards,
nico

 

[Mark Monster]

Hello nico,

You can set the session time-out in web.config.

Regards,

Mark Monster

 

[Guest]

Hi Mark,

thank you for your quick reaction. The session time-out and cokkie
expiration are both set to 1 hour, but sometimes it happens that after let's
say 15 minutes a request from a user has no session cookie attached.

I analyzed the IIS logs and I could see the user logging on and goiing
through the pages with the session cookie information attached to the GET.
But for some reason it sometimes happens that the client doesn't send this
session information which results in a logout.

Why should a browser decide not to send a session cookie although it is not
expired?

 

[//Rutger Smit]

Hi Nico,

Any idea what kind of requests are being done that do not send the
cookie? I mean, perhaps a javascript document.location.replace does not
see the cookie because it's set by http headers instead of javascript code.


Cheers,
//Rutger

http://www.RutgerSmit.com

 

[Guest]

Hi,

the requests are all done by redirecting to a new page, which is actually
the same page with different parameters. Nothing in particular about that.

regards,
nico