Random Logout - Githubissues

shorttp commented 9 years ago

Hi Adrian,

I'm not sure if this is a Harbour Redis specific issue. I've hooked up Harbour Redis and it is working. However, for some users, they randomly get logged out of the application. When I view the Redis CLI, the data for their redis session gets wiped out. We are storing the following in Session (I'm mostly using the HttpContext.Current.Session):

Custom objects (but they are all marked with the Serializable attribute). The custom objects are made up of strings and integers

We did have an issue with Telerik reports wherein they were storing data in the session, but it was raw data and was not being converted into the byte array format Redis is expecting. I managed to create a workaround such that it would not be an issue.

In terms of Redis, are there any limitations or gotcha's that one needs to worry about when using Session? Is there something that I may not be aware of?

Note: I am using the MS OpenTech version of Redis

Thank you!

TheCloudlessSky commented 9 years ago

Hey @shorttp,

The users being logged out shouldn't have much to do with the RedisSessionStateStore since the session is independent of the authentication state (unless you're manually calling Session.Abandon() somewhere). Are you checking if the Session exists anywhere and then logging out? Is this MVC or WebForms? Why type of authentication are you using?

In terms of how it's all stored, this library uses straight binary serialization (which of course isn't ideal, my other Redis-based projects allow you to customize the serializer).

To debug the issue, try adding some production logging during on the Session.End event and see what's triggering it (Stack trace etc.)

PS - You may also want to consider switching to Microsoft's Redis SessionStateProvider since it's identical (and most people have moved to it for better support).

shorttp commented 9 years ago

Hey Adrian,

Thanks for the response! I really appreciate the help you've given so far! Answer to your questions:

The site is Asp.net mvc 4
Using ASP.Net MembershipProvider (not simple membership) for Authentication
In terms of Session.Abandon(), it is called, but only when the user clicks on the logout link
I'm storing a few List
in session which are using is autocomplete drop downs. When the user uses the system, it works fine the first 2-3 times but then afterwards they get JSON errors. The interesting thing is if I switch back to use the aspnet_state server, it does not occur. Here is a sample of the List
that is being stored:
[Serializable] public class DiagnosticCodeFormattedAutoComplete { public string DiagnosticCode { get; set; } public string DiagnosticCodeDisplayText { get; set; } }

Which is thus being stored in the session as List. My best guess is something may not be serialized correctly which is causing the value in Redis to be somehow lost and may be triggering a session end.

In terms of Microsoft's Redis SessionStateProvider, I had found that but it looks like I have to manually store it in redis wherein your version allows me to use session and the only changes I have to make are to the global.asax and web.config (unless I am wrong). I'd like to use your version and avoid the extra work if possible.

shorttp commented 9 years ago

Hi Adrian,

My mistake in regards to Microsoft's Redis SessionStateProvider. I was looking at something related but it used Redis it directly. I'm giving this a try to see if it makes a difference.

TheCloudlessSky commented 9 years ago

What's the stack trace for the JSON errors? This library doesn't use JSON serialization or do you mean your JSON serializers fail because the data doesn't exist? Is the session data expiring? After the session times out, the data is cleared from Redis. We (and several other projects) used this library with 100 req/s without any issues. Trying hooking into the Session.End event and see what's causing the session to be killed.

shorttp commented 9 years ago

Hi Adrian,

Sorry for the late reply.

The JSON serializers are failing due to the data not existing. The session data itself seems to be expiring. The odd this is this occurs while actively using the application (I've left the default timeout value as 20 minutes). When I use the redis cli, and I look at the keys, they seem to have an entry called "items". From what I can tell, all session values are stored here. This particular entry gets emptied.

I haven't hooked into the Session.End event as of yet. If I get a chance to do so, I will take a look and let you know.

I've been implementing the RedisSessionStateProvider from MS along with the MS OpenTech Redis implementation and so far everything is working great. I haven't had any random logout issues and everything appears to be smooth.

TheCloudlessSky commented 9 years ago

Yeah - I'd really have to see a StackTrace during the Session.End event and also see how else you're using it. Like I said, I've basically stopped supporting this because of MS's provider (though it's not open source :disappointed:) but also because we stopped using session state as it has really bad performance under high loads (control over locking is a pain).

Anyways, I'm going to close this since everything is working for the MS provider. But, you can add any more details you find to this issue and I can investigate.
- © Githubissues.
- Githubissues is a development platform for aggregating issues.

TheCloudlessSky / Harbour.RedisSessionStateStore

Random Logout #27