Asp.net 默认配置下，Session莫名丢失的原因及解决办法

Asp.net 默认配置下，Session莫名丢失的原因及解决办法

正常操作情况下Session会无故丢失。因为程序是在不停的被操作，排除Session超时的可能。另外，Session超时时间被设定成60分钟，不会这么快就超时的。

这次到CSDN上搜了一下帖子，发现好多人在讨论这个问题，然后我又google了一下，发现微软网站上也有类似的内容。

现在我就把原因和解决办法写出来。

原因：

由于Asp.net程序是默认配置，所以Web.Config文件中关于Session的设定如下：
<sessionState mode='InProc'stateConnectionString='tcpip=127.0.0.1:42424'sqlConnectionString='data source=127.0.0.1;Trusted_Connection=yes'cookieless='true'timeout='60'/>

我们会发现sessionState标签中有个属性mode，它可以有3种取值：InProc、StateServer?SQLServer（大小写敏感）。默认情况下是InProc，也就是将Session保存在进程内（IIS5是aspnet_wp.exe，而IIS6是W3wp.exe），这个进程不稳定，在某些事件发生时，进程会重起，所以造成了存储在该进程内的Session丢失。

哪些情况下该进程会重起呢？微软的一篇文章告诉了我们：
1、配置文件中processModel标签的memoryLimit属性
2、Global.asax或者Web.config文件被更改
3、Bin文件夹中的Web程序（DLL）被修改
4、杀毒软件扫描了一些.config文件。
更多的信息请参考PRB: Session variables are lost intermittently in ASP.NET applications

解决办法：

前面说到的sessionState标签中mode属性可以有三个取值，除了InProc之外，还可以为StateServer、SQLServer。这两种存Session的方法都是进程外的，所以当aspnet_wp.exe重起的时候，不会影响到Session。

现在请将mode设定为StateServer。StateServer是本机的一个服务，可以在系统服务里看到服务名为ASP.NET State Service的服务，默认情况是不启动的。当我们设定mode为StateServer之后，请手工将该服务启动。

这样，我们就能利用本机的StateService来存储Session了，除非电脑重启或者StateService崩掉，否则Session是不会丢的（因Session超时被丢弃是正常的）。

除此之外，我们还可以将Session通过其他电脑的StateService来保存。具体的修改是这样的。同样还在sessionState标签中，有个stateConnectionString='tcpip=127.0.0.1:42424'属性，其中有个ip地址，默认为本机（127.0.0.1），你可以将其改成你所知的运行了StateService服务的电脑IP，这样就可以实现位于不同电脑上的Asp.net程序互通Session了。(没有验证过)

如果你有更高的要求，需要在服务期重启时Session也不丢失，可以考虑将mode设定成SQLServer，同样需要修改sqlConnectionString属性。关于使用SQLServer保存Session的操作，请访问这里。

在使用StateServer或者SQLServer存储Session时，所有需要保存到Session的对象除了基本数据类型（默认的数据类型，如int、string等）外，都必须序列化。只需将[Serializable]标签放到要序列化的类前就可以了。
如：
[Serializable]
public class MyClass
{
     ......
}
具体的序列化相关的知识请参这里。

至此，问题解决

from:http://blog.csdn.net/lifuyun/archive/2007/12/07/1922291.aspx

------------------------------------------------------------------------------

PRB: Session variables are lost intermittently in ASP.NET applications

SYMPTOMS

Session variables may be lost intermittently in Microsoft ASP.NET applications.

When this problem occurs on a Microsoft Application Center 2000 cluster, the sessions will drop on the controller when antivirus software scans the Web.config or the Global.asax files. The scan will trigger a replication, causing sessions to be lost on each member server in turn as the file is replaced.

CAUSE

There are many possible causes for this problem. This article addresses one possible cause: session data that is lost because of antivirus software activity.

This problem can occur when antivirus software scans the Web application files. During the scanning process, the antivirus software may mark the Global.asax, the Web.config, and/or the Machine.config files as modified. This modification prompts the Microsoft .NET Framework restart the Web application. If the session data is stored in-process, all session data is lost whenever a Web application is restarted.

RESOLUTION

To resolve this problem, use one of the following methods:

•

Configure your antivirus software so that it does not scan .asax and .config files.

•

Contact the antivirus software manufacturer for instructions.

•

Configure your Web application to store session data out-of-process. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

STATUS

This behavior is by design.

MORE INFORMATION

Steps to reproduce the behavior

Note This sample assumes that your Web application stores session data in-process (which is the default behavior).

1.

Follow these steps to create a Web application in Microsoft Visual Basic .NET:

a.	Open Microsoft Visual Studio .NET.
b.	On the File menu, point to New, and then click Project.
c.	In the New Project dialog box, click Visual Basic Projects under Project Types, and then click ASP.NET Web Application under Templates.
d.	In the Location text box, type http://localhost/TestWeb1.
e.	Click OK to create the project. WebForm1.aspx is added to your project by default.

2.

In the Solution Explorer window, right-click WebForm1.aspx, and then click View Code.

3.

Add the following code to the Page_Load event procedure:

Response.Write("<b>Session Variable Test</b><br> <br>")
If IsNothing(Session("TestVal")) Then
    Response.Write("TestVal old value: <b>nothing</b>")
    Session("TestVal") = 0
Else
    Response.Write("TestVal old value: " & Session("TestVal"))
End If
Session("TestVal") += 1
Response.Write("<br>TestVal new value: " & Session("TestVal"))

4.	On the Build menu, click Build Solution.
5.	In the Solution Explorer window, right-click WebForm1.aspx, and then click View in Browser.
6.	In your browser, click Refresh. Notice that the page displays the initial value of the session variable as nothing.
7.	Click Refresh again several times. Notice that the initial value of the session variable changes to a number that increments whenever you refresh the page.
8.	Leave the page open in your browser.
9.	In Notepad, open the Global.asax file from your project's folder. The Global.asax file of this TestWeb1 project is typically located in the C:\Inetpub\wwwroot\TestWeb1\Global.asax folder.
10.	Move the insertion point to a blank line in the Global.asax file, and then press ENTER to add a second blank line. You must perform this step to mark the file as having been modified.
11.	Save your changes to the Global.asax file.
12.	In the browser, click Refresh again. Notice that the TestVal session variable displays an initial value of nothing. Your in-process session variables are lost.

REFERENCES

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

303881 (http://support.microsoft.com/kb/303881/) PRB: Session variables are lost in ASP Web applications

317604 (http://support.microsoft.com/kb/317604/) How to configure SQL Server to store ASP.NET session state

871042 (http://support.microsoft.com/kb/871042/) Why is my ASP.NET application restarting?