SQL Server Session data and Forms auth

Question

I have to use SQL Server to store session data and forms auth for logging in. Something weird is going on where the session is ending and I lose all session data but the forms auth isn't kicking them to the login page. Here is my web config set up for this:

<authentication mode="Forms">
   <forms loginUrl="Login.aspx" timeout="2880" path="/" protection="All" 
          defaultUrl="Default.aspx"/>
</authentication>
<authorization>
  <deny users="?"/>
  <allow users="*"/>
</authorization>
<sessionState mode="SQLServer" customProvider="AppFabricCacheSessionStoreProvider" 
              sqlConnectionString="" timeout="30" allowCustomSqlDatabase="true">
   <providers>
      <!-- specify the named cache for session data -->
      <add name="AppFabricCacheSessionStoreProvider" 
           type="Microsoft.ApplicationServer.Caching.DataCacheSessionStoreProvider" 
           cacheName="dev-advisorlynx" sharedId="OrionShared"/>
   </providers>
</sessionState>

this might be useful : http://stackoverflow.com/a/17165067/1236044 — jbl, Sep 05 '13 at 15:59

score 0 · Answer 1 · answered Sep 23 '13 at 23:40

Forms auth is managed by the forms authentication cookie. Session state is managed by the ASP.NET_SessionID cookie. You could be losing one and not the other.

Check the cookie traffic using HTTP watch or by checking the IIS logs. They may be scoped differently for whatever reason (e.g. they may have a different domain or path, or one of them may be expiring).

SQL Server Session data and Forms auth

1 Answers1