When a user logs into LobbyCentral, a session object is created, and used to retain required data while the user is logged in. If a user loses the session object, he/she is sent back to the Login page.


Factors That Can Destroy A User's Session Object

  • user clicks the Logout button
  • user closes the browser
  • the session object is 10 hours old
  • rebooting the web server
  • restarting IIS
  • restarting the LobbyCentral application pool
  • third-party scanning programs such as Anti-Virus, Malware, etc.
  • low server memory


Types of Session Storage

LobbyCentral offers two types of session storage: In Process (default) and SQL Server.

  • In Process storage: Objects are stored in the server's memory and controlled by IIS. This is why objects are destroyed if the server is rebooted or IIS is restarted.
  • SQL Server storage: Uses a SQL database to manage session objects. This provides a more reliable method of retaining objects, as it is not affected if IIS or the LobbyCentral server is restarted (if SQL resides on a different server).


Temporary SQL vs Persistent SQL

SQL Session state can be configured as Temporary or Persistent. The difference between the two modes is, with Temporary, all sessions are lost if the SQL server is rebooted, or the service is restarted. Temporary is recommended for SQL Express installations.


How to Switch to SQL Session State

SQL Session state is recommended if users are constantly redirected to the Login page. Before proceeding, all users must be logged out. This includes kiosks and QMonitor.


Setting up Persistent SQL Storage (recommended for SQL Server)

1. Log into the LobbyCentral web server with an administrator account.

2. Go to c:\windows\Microsoft.NET\Frameworks\v4.0.30319

3. Create the ASPState database by executing this command: 


aspnet_regsql -ssadd -sstype p -S <dbServerName> -U <username> -P <password>

dbServerName: IP or name of the database server
username: domain or SQL account that has db creator rights (using sa is recommended).
password: user's password


4. Connect to the database server using SQL Management Studio.

5. Verify that the ASPState database was created.

6. Expand Security and right-click on Logins and select New Login.

7. Set the login name to 'sessionStateUser' and select SQL Server Authentication.

8. Enter a strong password.

9. Un-check" Enforce Password Expiration" and "User must change password".

10. Click User Mappings.

11. Check the Map box for the ASPState database.

12. Check "db_owner" under roles.

13. Click OK to save the account.

14. Make a backup of c:\program files\fuhr software\lobbycentral\web\Web.config

15. Open web.config in Notepad. Locate the <sessionState> tag and change it to the following:


<sessionState mode="SQLServer" sqlConnectionString="Data Source=<dbServerName>;User ID=sessionStateUser;Password <password>" timeout="720"/>

Parameters:
dbServerName: IP or name of the database server
password: user's password

  

16. Save and close the file.


Setting up Temporary SQL Storage (recommended for SQL Express)


  1. Log into the LobbyCentral web server with an administrator account.
  2. Go to c:\windows\Microsoft.NET\Frameworks\v4.0.30319
  3. Create the ASPState database by executing this command: 

aspnet_regsql -ssadd -S <dbServerName> -U <username> -P <password>


  

Where:

  • dbServerName: IP or name of the database server
  • username: domain or SQL account that has db creator rights.  (using sa is recommended)
  • password: user's password

 

4. Connect to the database server using SQL Management Studio.

5. Verify that the ASPState database was created.

6. Expand Security and right-click on Logins and select New Login.

7. Set the login name to 'sessionStateUser' and select SQL Server Authentication.

8. Enter a strong password.

9. Uncheck "Enforce Password Expiration" and "User must change password."

10. Click User Mappings.

11. Check the Map box for the tempdb database.

12. Check "db_owner" under roles.  If you do not want to grant this role, you must grant the user Read/Write/Delete rights to the ASPStateTempApplications and ASPStateTempSessions tables. Consult with your database administrator for assistance.

13. Check the Map box for the ASPState database.

14. Check "dbo_owner" under roles

15. Click OK to save the account.

16. Make a backup of c:\program files\fuhr software\lobbycentral\web\Web.config

17. Open web.config in Notepad. Locate the <sessionState> tag and change it to the following:


<sessionState mode="SQLServer" sqlConnectionString="Data Source=<dbServerName>;User ID=<username>;Password=<password>" timeout="720"/>

Where:

  • dbServerNameIP or name of the database server
  • username- name of the user created in step 7
  • password- user's password

 

18. Save and close the file. 


Note: You will not see any tables under ASPState. The tables will be located in the tempdb database in System Databases.


Testing The Configuration

Once the steps have been completed, perform a login test. If no errors are shown, the configuration was a success.

You can also verify that sessions are being written to the database by viewing the AspStateTempSessions table in the tempdb database for temporary, or ASPState database for persistent.


Purging Expired Sessions

A SQL job is automatically created that will purge expired sessions from the table. By default, the job is configured to run every minute.


SQL Server Users

You can change this schedule by editing the ASPState_Job_DeleteExpireSessions job located in SQL Server Agent > Jobs.


SQL Server Express Users

You will need to manually execute the stored procedure DeleteExpiredSessions found in ASPState database > Programmability > Stored Procedures. It is recommended to run this script every 30 days.


Switching Back To In-Process Session State

1. Make a backup of c:\program files\fuhr software\lobbycentral\web\Web.config

2. Open web.config in Notepad.

3. Locate the <sessionState> tag and change it to the following:  <sessionState timeout="720"/>

4. Save and close the file.