Static Page Methods and Session Timeout's

  • Thread starter Thread starter Microsoft Newsserver
  • Start date Start date
M

Microsoft Newsserver

Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing anything
about it by ensuring all the essential objects ( only a few ) are in place
during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in this
scenario.

Thanks
 
async postbacks will not keep session alive unless you are using
cookieless sessions. if you are using cookie based sessions (the
default), then the timeout is in the cookie. ajax calls can not update
this cookie in the browser. as the session timeout logic requires
sending a new cookie and getting back on redirect, the ajax calls fail
to do this.

you could switch to sessionless for ajax calls (good performance idea)
or go to cookieless sessions

if you can handle session loss on a page requests, but not ajax, you
could turn off auto redirect logic in XmlHttpRequest, and handle the
cookie logic in javascript. you would to modify the ms ajx library code
to do this.

-- bruce (sqlwork.com)
 
We are not using cookiless sessions, although the sessions are not being
kept alive when an asynchronouse call from the ajax framework associated
with various panels is issued, the page cycle happens and the new session is
started. This is why my dummy button will create a new session invisibly to
the user ( apart from the ajax progress indicator ).

In my scenario, because I am also calling page methods which dont have
anything to do with the page requests, this simply fails. The challenge is
how to make this invisible.

Although I havent tried this thinking about it, I assume that the code never
gets called at all when the session has timed out and the failure results so
I would have to do one of the following things.

1.) Prejudge if the session has expired then establish it with a page
request using an async postback, after which I then issue my ajax request to
the static methods.

Or.

2.) Hold the parameters of the last call, make the page request and re-issue
the request.


Akward really.
 
when session times either on the server, or because the cookie expired and is
not passed, then the session logic creates a new session, creates a cookie,
and sends redirects back to itself. in the normal case the browser will send
back the new cookie, the session is loaded, and the page request is
processed. with an ajax call, the redirect is honored but the cookie is not
send. the session logic then knows that the browser is not honoring the
cookie, and thows an error, as there is no way to honor the session request.

if you don't need session to process the ajax calls (always a good design),
switch to ajax (json) webservices instead of page methods and disable session
on the webservices.


-- bruce (sqlwork.com)
 
while the second method will work, the first will not unless you are using
cookieless sessions.

-- bruce (sqlwork.com)


George said:
You can add EnableSession = true to your WebMethods. to keep Session alive.

[System.Web.Services.WebMethod(EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet/SessionForever.aspx


George.


Microsoft Newsserver said:
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks
 
Not sure what do you mean...
Are you saying that 20 minutes expiration will not be reset for Session if
the browser hit WebMethod with EnabledSession = true?


George.


bruce barker said:
while the second method will work, the first will not unless you are using
cookieless sessions.

-- bruce (sqlwork.com)


George said:
You can add EnableSession = true to your WebMethods. to keep Session
alive.

[System.Web.Services.WebMethod(EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet/SessionForever.aspx


George.


Microsoft Newsserver said:
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most
of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use
static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times
out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does
an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should
retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session
in
some way to prevent the failure message being sent back to the client.
?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks
 
Back
Top