We have an asp.net web app that uses forms based authentication, and we are having an issue with IIS and authentication. You will be able to authenticate for, I'm just going to guess here an hour, after that hour when you try to login it will just redirect back to the login page. We have found that if you manually recycle the app pool the problem goes away for about an hour again. I refer to time but it could also be how many people are trying to authenticate. I'm not sure if it has something to do with virtual memory or worker threads. if someone could help me with this problem I would be very grateful.
Asked
Active
Viewed 456 times
0
-
The default session timeout is 60 minutes. So, increase it if you need but maintaining a session longer is not advised. – ADreNaLiNe-DJ Feb 29 '16 at 14:57
-
Its not a session issue because this occurs when you are trying to login, you put in your credentials and then you just get redirect right back to the login page. – llerdal Feb 29 '16 at 15:05
-
Before recycling app pool, do you look at the memory taken by your application (w3wp.exe process) ? – ADreNaLiNe-DJ Feb 29 '16 at 15:10
-
Yes it is around 300 mb with no one using the application. And after recycle it is at around 100 mb. Worth noting over the weekend I set the app pool not to recycle and this morning the IIS worker process is using 100% of the cpu. – llerdal Feb 29 '16 at 15:23
-
If there's a difference like this, you should have some memory leaks. You should try to find them before anything else. It can be a side effect (auth problems). – ADreNaLiNe-DJ Feb 29 '16 at 15:25
-
Yes I have done full memory dump analysis on the worker process and there is nothing that stands out. Is there anything else I should do? – llerdal Feb 29 '16 at 15:27
-
Nothing else than analysing the source code and find resources taht are not disposed, resources declared as static for which references are not released,... – ADreNaLiNe-DJ Feb 29 '16 at 15:30
1 Answers
0
This issue was solve by this thread: ASP.NET_SessionId + OWIN Cookies do not send to browser
It is a bug in the owin framework.
