tags:

views:

448

answers:

3
Q: 

ASP.NET: Large number of Session_Start with same session id

I'm running a ASP.NET website on my development box (.NET 2.0 on Vista/IIS7). The Session_Start method in global.asax.cs logs every call to a file (log4net). The Session_End method also logs every call.

I'm using InProc session state, and set the session timeout to 5 mins (to avoid waiting for 20 mins).

I hit the website, wait for 5 minutes unit I see the Session_End logging. Then I F5 the website. The browsers still has the session cookie and sends it to the server. Session_Start is called and a new session is created using the same session id (btw: I need this to be the same session id, because it is used to store data in database).

Result: Every time I hit F5 on a previously ended session, the Session_Start method is called.

When I open a different browser, the Session_Start method is called just once. Then after 5 minutes the Session_End each F5 causes the Session_Start method to execute.

Can anyone explain why this is happening?

Update: After the Session timeout, all subsequent requests have a session start & session end. So in the end my question is: why are the sessions on these subsequent request closed immediatly?

2010-02-09 14:49:08,754 INFO  Global.asax[7486] [(null)] - Session started. SID=nzponumvf1hbaniverffp4mq host=127.0.0.1
2010-02-09 14:49:08,754 INFO  Global.asax[7486] [nzponumvf1hbaniverffp4mq] - Request start: GET http://localhost:80/js/settings.js
2010-02-09 14:49:08,756 INFO  Global.asax[7486] [(null)] - Session ended. SID=nzponumvf1hbaniverffp4mq
2010-02-09 14:49:08,760 INFO  Global.asax[7486] [(null)] - Session started. SID=nzponumvf1hbaniverffp4mq host=127.0.0.1
2010-02-09 14:49:08,760 INFO  Global.asax[7486] [nzponumvf1hbaniverffp4mq] - Request start: GET /css/package.aspx?name=core
2010-02-09 14:49:08,761 INFO  Global.asax[7486] [(null)] - Session ended. SID=nzponumvf1hbaniverffp4mq
2010-02-09 14:49:08,762 INFO  Global.asax[7486] [(null)] - Session started. SID=nzponumvf1hbaniverffp4mq host=127.0.0.1
2010-02-09 14:49:08,762 INFO  Global.asax[7486] [nzponumvf1hbaniverffp4mq] - Request start: GET /js/package.aspx?name=all
2010-02-09 14:49:08,763 INFO  Global.asax[7486] [(null)] - Session ended. SID=nzponumvf1hbaniverffp4mq
2010-02-09 14:49:08,763 INFO  Global.asax[7486] [(null)] - Session started. SID=nzponumvf1hbaniverffp4mq host=127.0.0.1
2010-02-09 14:49:08,763 INFO  Global.asax[7486] [nzponumvf1hbaniverffp4mq] - Request start: GET /css/package.aspx?name=rest
2010-02-09 14:49:08,764 INFO  Global.asax[7486] [(null)] - Session ended. SID=nzponumvf1hbaniverffp4mq
2010-02-09 14:49:08,764 INFO  Global.asax[7486] [(null)] - Session started. SID=nzponumvf1hbaniverffp4mq host=127.0.0.1
2010-02-09 14:49:08,765 INFO  Global.asax[7486] [nzponumvf1hbaniverffp4mq] - Request start: GET /css/package.aspx?name=vacation
2010-02-09 14:49:08,765 INFO  Global.asax[7486] [(null)] - Session ended. SID=nzponumvf1hbaniverffp4mq

web.config relevant section:

<system.web>
  <compilation debug="true" />
  <sessionState timeout="2" regenerateExpiredSessionId="false" />
</system.web>
+1  A: 

hi can you please post you web.config?

check the regenerateExpiredSessionId value in system.web/sessionState

nWorx  2010-02-09 14:20:39
I don't have regenerateExpiredSessionId in the web.config. I don't want to regenerate expired session id, this is a requirement because we need the session id to update records in the database
Jaap  2010-02-09 15:00:22
maybe it would help if you set it manually to "false"
nWorx  2010-02-09 15:23:04
setting the value to false doesn't work, still getting the Session_Start/Session_End for 1 request
Jaap  2010-02-09 16:15:38
A: 

Are you making changes to bin folder of your web app? Like logging in the bin folder, this can cause was causing the session start to fire more than once.

mas_oz2k1  2010-04-04 23:16:00
A: 

I think you are misunderstanding the meaning of regenerateExpiredSessionId. You currently have it set to false, which means it will REUSE expired session ID's, rather than generating a new one each time that user gets a new session. The ASP.NET session id is keept in the users cookie, and when regenerateExpiredSessionId is set to false, that users same session id will be reused for each NEW session they get so long as the cookie is valid.

Try setting regenerateExpiredSessionId to true.

jrista  2010-04-04 23:21:16

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps