Some of my legacy program is using ASP (not ASP.Net), and even if I set long session expire time, for example to 20 minutes, sometimes in short time (e.g. in several minutes) I will still notice session expire error box –
"too much idle time, please login again."
Any ideas to analyze further? Not sure whether it is my code bug or server (browser) configuration issue, since not all client/server combinations are met with this strange issue.
The session expire box is triggered by my code:
<%
if session("timeToken") = "" then
%>
<script language = "JavaScript">
<!--
window.alert ("too much idle time, please login again");
//-->
</script>
<%
response.End()
end if
%>
Make sure you site stays in the same case sensitive folders
e.g.
http://myserver.com/MyWebSite/
does not have the same session cookie as
http://myserver.com/mywebsite/
So it would log you out.
It could be the IIS limitation on your application seesion timeout.
Try this:
- Right click on you app folder in IIS
- Then go Properties -> Virtual Directory Tab -> Then the Configuration Button on the right bottom
- If it's disabled, then create the application first clicking the button Create
- Under the configuration window click on the Options tab and you will find SESSION TIMEOUT set by default to 20(mins)
hope this is the aswer to your prayers :)
Check that the application pool your app runs in is not recycling for some reason. For example does it have a more aggressive idle timeout (in a test scenario you may be the only on using the app and hence your not using it constitutes not just an idle session but an idle application).
The all sorts of different reasons that tha app pool can be configured for that will trigger a recycle.
Check the event logs when you have an unexcepted timeout, does anything look unusual there?
A couple of ideas based on your update:
Is there another reason your session("timeToken") could be empty? Another piece of code somewhere or perhaps the variable was misspelled somewhere?
How does the actual value of session("timeToken") change in your code? Is it set when the session starts? Is it updated periodically? What value does it store?
The code you've written seems to be fine, so if it's not a code issue it will likely be a genuine session problem... just some things to check first.
Updates:
- ASP session state is generally maintained using cookies - could you check that the client has cookies enabled?
- Is the ASP application served by more than one server? If it's being served from a web farm or cluster, you'll need to make sure that session state can persist across the machines or that a user's session is "sticky" - that is, it's always served by the same server.
More information and help can be found here: http://msdn.microsoft.com/en-us/library/ms972338.aspx
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 姐就是有狂的资本 的文章《ASP session expiration before timeout setting》','https://www.manongdao.com/article-813014.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}