IIS 5 & IIS 6
Session not maintained in IE8
Last post Jan 31, 2011 04:38 PM by HCamper
Jan 27, 2011 06:41 PM|kka_anand|LINK
Recently, we have faced a problem accessing an ASP application with the IE 8.
One of our customer updated his browser version from IE6 to IE8 and browed an ASP application. while browsing the asp pages, the session was broken and redirected to the login page. This problem we are facing only in IE8 not in IE6.
Can anyone guide us to resolve this problem.
Thanks & Regards
Jan 27, 2011 07:03 PM|tomkmvp|LINK
the session was broken and redirected to the login page.
Can you give the code details on how this is handled?
Does it happen for all IE 8 browsers?
Jan 27, 2011 07:08 PM|HCamper|LINK
It appears to be IE8 Browser setting
I belive since the customer made the switch the settings are "default"
the "default" is not to "Always Allow Session Cookies"
this is where ASP.NET may be having problems in the "Session State" handling.
You may wan't to consider changing the "Session State" mode to "uri" if your
application & code will allow.
How to change IE8 Settings:
Have the customer while in IE8 open the "Internet Tool Options"
then have them go to the Privacy Settings open the tab
then select the "Advanced Tab"
have them "Use Over Ride Settings"
have them select "Over Ride Automatic Cookie Settings"
then have them select the "Always Allow Session Cookies"
there are two other cookie settings for first & third party cookies
have them pick the one they prefer.
have them close the tab and ext the tools section.
They need to Exit the IE8 Browser.
Then have them try the site again.
Post results & questions to this thread.
Jan 28, 2011 01:54 PM|kka_anand|LINK
I have already applied this settings and applied it now as well. It doesnt work. We have this problem only with IE8. Those who have version lesser than IE6 can access the application without any issues.
Jan 28, 2011 05:50 PM|kka_anand|LINK
It happens in IE 7 and above.
Jan 29, 2011 06:16 PM|HCamper|LINK
Sorry that the normal configuration changes did not resolve the problem.
Can I suggest some items to check out?
This is going to be a problem for your code and customers noew & in the Futue.
A) If your coding allows change session managemnt to using the "State Database Model",Use URI,Aspnet Database in place
of the cookie and Windows Authentication methods.
B) You might consider get a license for use of the IEAK tools to create a custom installer
for your customers you add your Branding and it might even be considered as value added
by the time & effort.
C) You may find it of use to visting the Spring Borad site at Technet they have information
about moving from IE6 to IE8,IE9 as part of migratting sites,code & customers.
D) Your not the only one having the issues the resouces at Technet are free or low cost
to make your life less troubled.
I Hope you can get the issue fixed for you particular situation.
Post questions & issues to this thread.
Jan 31, 2011 02:07 PM|dustinn77|LINK
following his thread from over at the ASP.Net forums, this poster is asking for a resolution for a ASP problem, not an ASP.NET problem. Some of the resolutions being posted are for ASP.Net and are not applicable for his (Classic) ASP problem
Jan 31, 2011 03:36 PM|HCamper|LINK
Thank you for watching this thread & discussion topic, ASP upload topic
you did how ever miss
providing the link you have for the ASP.Net Forum.
The Issue(s) for this discussion
are for how sessions,cookies are being
mananged via code,server,browser and the mode(s).
The server requires some form of sessions management if your using
anything other than "Anonymous" access to the site & user information.
The code can be ASP or ASP.Net acccess to run the code and the management
of the Account(s) & Users is still set by the Web Server.
If you use Forms as the type of management
then the Form can be ASP or ASP.Net Logon that has code to do the validation of Account,User
the code needs to verify the User,Password in a database in SQL Server,MySQL Server,ASP Net DB.
All of the validation code & methods are left to the developer to implement.
The issue here is the use of "cookies" mode of management.
There have been changes to "Security Restrictions"
in IE7,IE8,IE9 that are blocking session cookies use to protect the user information.
The posted suggestions are for moving away from the "cookie" management or providing
a "Custom" Browser set-up.
Jan 31, 2011 04:24 PM|tomkmvp|LINK
At this point we have no idea how sessions are being handled as the OP never responded to my original request for those details ...
Jan 31, 2011 04:38 PM|HCamper|LINK
Hello @ Tom,
I Aggree the more code being & information would be of use.
I simply was trying to make it clear that ASP,ASP.NET code
does not exclude the IIS Server modes of session management.
The recent post by another user raised the questions.