Editors asked to login again after 5-10 minutes of inactivity

Vote:
 

Hi all

We have a problem with our editors being asked to login agan to the Episerver CMS editor. The problem occurs if they don't have any action on the site for 5-10 minutes.

We are running on a site with two frontend servers, so it is very likely that they suddenly hit the oter frontend server after the 5-10 minutes without activity. At least the problem went away, when we disabled one of the frontend servers in the loadbalancer.

I have tried to activate SQL Server session state, in case the session was somehow involved with the login. That din't fix the problem.

Do you have any suggestions as to what i can look for?

Regards

Anders

#172371
Dec 01, 2016 13:34
Vote:
 

I guess you are on to the root cause of the problem, load balancing...

Share session / sticky sessions are a good first step. 

Same machinekey is another...

Anyone got more?

#172374
Dec 01, 2016 14:21
Vote:
 

Machine key sounded very likely, since the frontend servers are most likely based on the same virtual machine image.

I have tried to generate keys on all frontend servers using IIS manager.  Unfortunately it didn't seem to change anything. I'm still asked to login again after an idle period.

Could there be an idle timer in Episerver that I'm missing? Or a setting in web.config? I have tried to set the session timeout to 720 minutes.

I would prefere not to use session affinity, if I can.

#172381
Edited, Dec 01, 2016 15:23
Vote:
 

Configured remote events for triggering cache updates etc? Seems unlikely that it's that but...you'll need it anyway so...

#172383
Dec 01, 2016 16:13
Vote:
 

What kind of authentication are you using? Owin or the ASP.NET providers? If the latter you have to set the cookie expiration/timeout:

<system.web>
		<authentication mode="Forms">
			<forms name=".EPiServerLogin" loginUrl="Login.aspx" timeout="50000000" defaultUrl="~/" />
		</authentication>
</system.web

The max time is 50000000, I think.

#172391
Dec 01, 2016 18:24
Vote:
 

Thank you very much for your input.

I have configured remove events using UDP, however I have a feeling that they are not working properly. That is something else I need to look at soon :) We are in the early stages of our project, and so far, it is only the QA environment we are wokring on.

We are using forms authentication at this point. It will most likely change later,  but right now we use the default authentication mechanism that come with Commerce. The timeout is currently set to 120, which I expect to be 120 minutes.

#172401
Dec 01, 2016 22:16
Vote:
 

The problem turned out to be the machine keys after all.

A colleague of mine is apparantly better at reading than I am. I had just generated random keys on each server, but he found out that we should use the same machine key on all Episerver servers. After that fix, the problem went away.

Again thank you for your help and good suggestions.

Regards

Anders

#172422
Dec 02, 2016 11:48
Vote:
 

Sweet! Load balancing can sure cause some nasty bugs :)

#172428
Dec 02, 2016 13:27
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.