locked
Session State in MVC 3 RRS feed

  • Question

  • User-1723392076 posted

    Hi,

    I configured session state in web.config like this:

        <sessionState
       mode="InProc"
       timeout="1"
       cookieless="UseCookies"
       regenerateExpiredSessionId="false"
       />

    I need users to log in before they access content and I need user sessions to ime out after few minutes of inactivity.

    With above setting I can click after more than one minute and the user is NOT logged out - the session does not time out.

    What am I missing?

    M.

    Sunday, June 5, 2011 4:11 PM

Answers

  • User-1359474226 posted

    Did you put your login code in a Session like the steps shown below.

    User Enters Username and password

    User is validated against a database

    if the user is valid then

    Session["AuthenticatedUser"] = true

    else

    Session["AuthenticatedUser"] = true

    In the home page you can put a check like this

    if Session["AuthenticatedUser"] is true then allow access if not then redirect to login page.

    Now this value Session["AuthenticatedUser"] will be null after 1 minute of inactivity.

    I suggest you use form authentication for login mechanism. Here is a link

    http://support.microsoft.com/kb/301240

    Hope this helps

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, June 6, 2011 3:28 AM
  • User-578657687 posted

    Hi,

    You may check this link below:

    http://msdn.microsoft.com/en-us/library/87069683(v=VS.80).aspx

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 7, 2011 11:36 PM

All replies

  • User-1359474226 posted

    Did you put your login code in a Session like the steps shown below.

    User Enters Username and password

    User is validated against a database

    if the user is valid then

    Session["AuthenticatedUser"] = true

    else

    Session["AuthenticatedUser"] = true

    In the home page you can put a check like this

    if Session["AuthenticatedUser"] is true then allow access if not then redirect to login page.

    Now this value Session["AuthenticatedUser"] will be null after 1 minute of inactivity.

    I suggest you use form authentication for login mechanism. Here is a link

    http://support.microsoft.com/kb/301240

    Hope this helps

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, June 6, 2011 3:28 AM
  • User-578657687 posted

    Hi,

    You may check this link below:

    http://msdn.microsoft.com/en-us/library/87069683(v=VS.80).aspx

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 7, 2011 11:36 PM