会话超时在asp.net mvc 4 C#中不起作用。 为什么?
[英]Session timeout does not work at asp.net mvc 4 C# . Why?
问题描述
For my web site I configured login session timeout for 1 week in web.config file 
对于我的网站,我在web.config文件中配置了1周的登录会话超时
<system.web>
<httpRuntime />
<!-- Session keeps for 7 days -->
<sessionState timeout="10080"></sessionState>
<authentication mode="Forms">
<forms loginUrl="~/" timeout="10080" slidingExpiration="true"/>
</authentication>
<!-- Configuration end -->
</system.web>
Here is code for login 这是登录的代码
[AllowAnonymous]
[HttpPost]
public ActionResult Login(string Login, string Password)
{
// empty passwords are not allowed
if (Password == "")
return Redirect(Request.UrlReferrer.ToString());
bool LoginResult = WebSecurity.Login(Login, Password, true);
return Redirect(Request.UrlReferrer.ToString());
}
I login, close browser and open it again go to my web site -> user is logged in. I close browser, wait some time (about 30 minutes) go to my web site -> user is logged off. 我登录,关闭浏览器并再次打开它去我的网站 - >用户已登录。我关闭浏览器,等待一段时间(约30分钟)转到我的网站 - >用户已注销。 Why? 为什么? Session should be stored for 7 days but we does not have even 30 minutes. 会话应存储7天,但我们甚至没有30分钟。 Whan can be the source of problem? Whan可能是问题的根源?
Edit 1 The main idea is that I want to go back to the site in several days and still open it with logged in user 编辑1 主要想法是我想在几天内回到网站,并仍然使用登录用户打开它
4 个解决方案
解决方案1
12 已采纳 2014-04-02 11:31:07
Possibly, your IIS would have been configured to 20 minutes of TimeOut . 可能,您的IIS已配置为20分钟的TimeOut 。
Change the IIS session timeout to 1 week 24 hours, which I hope will solve your problem. 将IIS会话超时更改为1周 24小时,我希望这将解决您的问题。
By design, the maximum value of timeout is set to be 24 hours. 根据设计,超时的最大值设置为24小时。 Check out Microsoft support forum 查看Microsoft支持论坛
To achieve a larger window for timeout, you could consider maintaining session states in SQL , as suggested by @Marc. 要实现更大的超时窗口,您可以考虑在@Marc中建议在SQL维护会话状态。
解决方案2
3 2014-04-02 12:30:31
解决方案3
2 2016-04-17 15:49:20
Website Session.Timeout will work only when it is less than the application pool session timeout value; 网站Session.Timeout仅在小于应用程序池会话超时值时才有效; because whenever the application pool session timeout value is reached, that particular application pool will be restarted. 因为每当达到应用程序池会话超时值时,将重新启动该特定应用程序池。
http://www.codeproject.com/Articles/113287/Why-Session-Timeout-is-not-working-for-your-websit http://www.codeproject.com/Articles/113287/Why-Session-Timeout-is-not-working-for-your-websit
解决方案4
1 2014-04-02 11:35:54
When the application is idle (no requests for some time), IIS may shut it down. 当应用程序空闲(没有请求一段时间)时, IIS可能会将其关闭。 This will destroy all Sessions . 这会破坏所有Sessions 。
Authentication stores it's data in a database and thus survives a restart. Authentication将其数据存储在数据库中,从而在重新启动后仍然存在。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.