tags:

views:

154

answers:

3
+3  Q: 

Changing expiry on ASP.NET's Session State cookie

I'm using ASP.NET Session State to keep track of logged in users on my site.

However, one problem I'm running into is that by default ASP.NET session cookies are set to expire when the browser closes.

I've tried setting my own ASP.NET_SessionId cookie and modifying the cookie's expiry using something similar to the following code:

Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(1);

None of these approaches work, they all set a second cookie with the same name.

Is there a way of changing the session cookie's expiry?

+1  A: 

Just a guess: Maybe editing the session.configuration inside the web.config could change the cookie-expiration? You can take a look here?

Olaf Watteroth  2010-06-09 08:48:41
+2  A: 

I would suggest you use FormsAuthentication to track logged in users. You can use a persistent FormsAuthenticationCookie to achieve what you want.

Or if you really want to use Session State, try this technique.

Joe  2010-06-09 08:51:55
The FormsAuthCookie approach just allows returning users to skip the forms login if they re-connect within a specific time window. It doesn't maintain any state that they may have previously created on the server.
ChrisW  2010-06-09 21:25:52
@ChrisW - "It doesn't maintain any state that they may have previously created on the server" - of course not, such state should be persisted, e.g. to a database, e.g. using Profile.
Joe  2010-06-10 04:25:56
The technique you linked to works, thanks :)
Charlie Somerville  2010-06-14 09:17:51
+1  A: 

I think trying to keep session alive for a long time is the wrong approach and limits your scalability. The session cookie is pointing to a specific session that's being maintained by IIS on the server. In general, you want session to close after the user closes their browser so as to not consume all of the available server resources for inactive users. You want session for a departing user to close and the resources made available to a new arriving user. That's why the session cookie expires.

If you want to maintain some user state after the user closes their browser, you can always look at something like Profile. Or, if this is for something like a shopping cart, you can persist your shopping cart in a database and then reconnect that to the user when they log on again.

ChrisW  2010-06-09 21:24:18

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?