I set EnableSessionState to ‘ReadOnly’, but in InProc mode I can still modify the session. Why is that?
Even those enableSessionState is marked as ReadOnly, but in InProc state, the user can still modify the session. The only difference is that the session will not be locked during the request. This limitation is by-design
Why aren’t my sessions expiring, I am using SQLServer mode
In SQLServer mode, session expiration is carried out by the SQL Agent using a registered job. Make sure your SQL Agent is running.
Will my session state be saved when my page hit an error? Will my session state be saved when my page hit an error? In Session_End, I tried to do some cleanup job using SQL but it failed. Why?
Session_End is supported only in InProc mode. Session_End is run using the account which runs the worker process (aspnet_wp.exe), which can be specified in machine.config. Therefore, in your Session_End, if you connect to SQL using integrated security, it will use that worker process account credential to connect, and may fail depending on your SQL security settings.
Why do I lose my Session variables on redirect when I set ‘cookieless’ to true
When using cookieless, you must use relative path (e.g. ..\webform1.aspx) instead of absolute path (e.g. \dir1\subdir1\webform1.aspx). If you use absolute path, ASP.NET cannot preserve your session ID in the URL.
Why do I get error ‘A generic error occurred in GDI+.’ when trying to save the bitmap file
May be the path of the file you are giving is wrong or you do not have write permissions on the specific folder.