Thursday, March 29, 2012

Session Var

Ok, i made a gaming clan website. It has a login that uses session vars to store the username and pwd. I am experiencing an issue of logging out.

Does the time out mean time from creation?, like 20 min after the var is created, it kills it.

How do i keep the session var open while the person is on the site.session variables are active for the time that a person is on the site and is actively viewing (interacting with the server) the site.

If a person does not send any information back to the server within 20 minutes then their session variable expires. If they interact with the server (clicking on a link, posting a form etc) then their session variable is kept alive until the time they explicitly logout (Click on a logout button), close the browser or do not interact with the server for the default session timeout time..

hth
Cheers
MarkusJ
thats what i have heard but... it like isn't true for my case for some reason, cause i could be surfing around logged in and i will get logged out all of the sudden. I also have a page that refreshes its self every 5 min on a very small frame on the left bar...
Are you using frames/ pop up windows?
i have 2 main frames, a leftbar and a main window. Then i have the refreshing frame in the leftbar frame.
AFAIK there are some issues with frames and session variables

A quick search of the newsgroups reflects this

http://tinyurl.com/ifiw

Cheers
MarkusJ
that is only for ie below 5.5

and i don't really lose them between frames, they just die after 20 min, even if the person is active.
You should be using a different way to authenticate users like form. Holding the log in values in session variables isn't the way to do it. MS provided a couple different authentication methods, and they are full featured and quite good at what they do. You can use Windows, Forms, Passport or None (which is what you are doing). You should be using Forms authentication if you want to handle the authentication through code. Lethal posted some good authentication code at this link:
http://www.vbforums.com/showthread.php?s=&threadid=245643
Indeed,

like hellswraith said you ... There are other sorts of authentication. Session variables are very good to keep data in memory for a short time.
Use an authentication ticket

Dim objTicket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, Username, DateTime.Now, DateTime.Now.AddMinutes(60), False, String.Join("|", varRole))

1,
Username,
DateTime.Now,
DateTime.Now.AddMinutes(60), <<< EXPIRE DATE
False,
String.Join("|", varRole))

u can find full code for using the ticket in post http://www.vbforums.com/showthread.php?s=&threadid=257238
Posted by particularlyrtyf at 12:48 AM
Labels: , , , , , , , , , , , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)