I get error below,
Session state has created a session id, but cannot save it because the
response was already flushed by the application.
But I dont'use Session any where. My application works as API and It doesn't use session State.
And in Web.config
<system.web>
<sessionState mode="Off"></sessionState>
</system.web>
Why this error going on every request.
I have read that topic. but He uses Session state. but I won't
What's causing “Session state has created a session id, but cannot save it because the response was already flushed by the application.”
Thanks
Try to remove also the session module on web.config as
<httpModules>
<remove name="Session" />
</httpModules>
After that, there is always the possibility some part of your code, or other code that you include to your application, to try to use session -
Related
I want to set session time out in asp.net web config file.I Google it for the best method.then I get multiple results.I am confusing that setting session state following code.which I one choose for appropriate session time out.Can I get a description about it
code 1:
<configuration><system.web>
<compilation debug="true" targetFramework="4.5"/>
<httpRuntime targetFramework="4.5" />
<sessionState timeout="20000"></sessionState>
code 2:
<sessionState mode="InProc" cookieless="false" timeout="2000"/>
code 3:
<sessionState timeout="40" />
Session timeout can be set be defining the timeout property like this.
<sessionState timeout="20000"></sessionState>
This time is in minutes and default timeout is 20 minutes.
What is making you confuse is mode="InProc". This is the mode which defines that where session data will be stored there are different modes in which data can be saved. Please read this article for details about session state. There are different properties for session state which can be configured just like you have configured timeout property.
Session Modes
Custom
Session state is using a custom data store to store session-state information.
InProc
Session state is in process with an ASP.NET worker process.
Off
Session state is disabled.
SQLServer
Session state is using an out-of-process SQL Server database to store state information.
StateServer
Session state is using the out-of-process ASP.NET state service to store state information.
I downloaded one sample of asp.net.
And when I ran, I see that the link like that:
http://localhost/(S(1uld2ekua0uuilxlw15zguus))/login.aspx
Can you tell me where we have the string "(S(1uld2ekua0uuilxlw15zguus))"? I checked in the web.config, global.cs but I still don't know where we configure it.
I'm very appriciated for your help.
Thanks.
The string is session id.
What is session id?
Session Id is a unique ID generated by asp.net, to identify the current session.
You are seeing it in a link, because
in web.config file, you'll have this.
<system.web>
<sessionState cookieless="true"></sessionState>
<system.web>
If you don't need that in the url, you can just set cookieless=false
So, it becomes:
<system.web>
<sessionState cookieless="false"></sessionState>
<system.web>
Now, the session id will be stored in a cookie.
I am trying to use a session but when i need the value back its null?
My website starts off with a login where i put the user name into a Session.
Session["userName"] = login.UserName;
Then the website is redirected to a new page.
return RedirectToAction("Choice", new { token = token });
after witch i use a link to move to my next page.
#Html.ActionLink("Download", "Download", new {token = Model.Token})
Where i direct my code to a action result in the Home controller, the same controller i have my login function.
#Html.ActionLink("Download", "DownloadFile", new { fileid = item.Key, token = Model.Token, platform = "windows", filename = item.Value }, new {#class = "DownloadLink" } )
Where i try call up my session value again.
formMobiApi.GetFile(token, fileid, platform, filename, Session["userName"].ToString(), tasks, taskId, spreadSheetStatus);
Are any of these actions doing anything to make my session value null?
Can i use a session like this?
If you are not manually setting your session state in web.config then the defaults you should have are in-process (sessions are stored in the RAM of the web server) and timeout is 20 minutes - see here for more information on session states.
You can manually set your states in your web.config file with the following:
<configuration>
<system.web>
<sessionState mode="InProc" timeout="20"></sessionState>
</system.web>
</configuration>
Now, onto your actual issue. I'm not exactly sure why your session isn't persisting and I can't feasibly find out as I don't have a copy of your code to debug. At a guess I'd say your HttpContext is different from when you initialized the session, to when you're requesting it and so your context key is different. Try changing
Session["userName"].ToString();
to
HttpContext.Current.Session["userName"].ToString();
This looks a little odd at first glance, as you're effectively doing the EXACT same thing. The difference comes down to if the current object doesn't have access to the HttpContext you need to explicitly define which context to read from.
Having taken another look at the code you've provided, there's nothing out of the ordinary - this should work. I really am starting to believe this is an environment / configuration issue. If you're using Form Authentication then check your timeout in your web.config file. Also, if you're hosting in IIS (and not Visual Studio's web server - although you should check this too!) try deleting your application pool and recreating it.
Your session variable is set up properly and it is being called properly to obtain the value.
The only thing left to debug is to actually see if login.UserName has an actually value. Because you might just be setting a session variable to null(login.UserName).
also try adding this to your web.config file if that doesn't work.
<sessionState mode="InProc" timeout="20" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
While deveoping a site (using Forms authentication and InProc sessionstate) a frequently run into a scenario where I lose the variables stored in Session (such as Session["myVar"]), but my auth-session remains valid.
This results in some wierd behavior on my site.
Why is this happening and what can I do to prevent diffrent lifecycles for my auth and my session variables?
In Asp.Net a Session and "Being logged in" are not the same thing.
Both are (usually) controlled by cookies, but the cookies are separate.
To control how long a Session is kept alive, please see answer by Jonas T.
To control how long a user remains logged in, you can use the timeOut on the <forms ... /> element:
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="120" slidingExpiration="true"/>
</authentication>
...
</system.web>
To get rid of your problem you should make sure that the session timeout is at least as long as the forms authentication timeout.
If you are allowing persisted cookies in forms authentication ("Remember me"), then there are no gurantees. In that case you just have to set the session timeout to "long enough" according to some criteria/specification.
Edit: Also check the settings on your application pool (under IIS) where the site is deployed. And specifically check what the "Idle Time-out" is. If this is set low (default value is 20 minutes I think), then IIS will shut down the application pool if no request have come in during that time. That (of course) terminates whatever in-proc sessions existed.
Forms Authentication stores its ticket in Cookie at client side or URL(if cookie is disabled).
Session variables are stored at server side with expired time. If you want your variable to be more persistent use cookie.
You can extend your session time out in web config. This is for 20 minutes.
<configuration>
<system.web>
<sessionState timeout="20"></sessionState>
</system.web>
</configuration>
You said that you are working with ASP.NET Form authentication/authorization then I'd suggest you to use Profile instead of Session state.
We are developing a web application in Asp.net(4.0). In this application we use jquery and javascript and webservices and I frames
Here I am getting the problem with session expire. How can I solve this? I can't understand where the session is expiring.
If I'm understanding the question properly, you can adjust session timeout in your Web.config file, using something like this:
<system.web>
<sessionState mode="[Off|InProc|StateServer|SQLServer|Custom]" timeout="[numberOfMinutes]" />
...
</system.web>
Your use of JQuery, javascript, webservices, and IFrames are not affecting your session expiration issue.
The following page is an excellent resource for learning to use the Session State:
ASP.NET Session State Overview
Go to the section on that page titled Configuring Session State for information pertaining specifically to your question.
Here's your options for Session State configuration, including timeout:
<sessionState mode="SQLServer"
cookieless="true "
regenerateExpiredSessionId="true "
timeout="30"
sqlConnectionString="Data Source=MySqlServer;Integrated Security=SSPI;"
stateNetworkTimeout="30"/>