How To Prevent Multiple Browser Windows From Sharing The Same Session?
Mar 25, 2010
I have ASP.net application that is basically a data entry screen for a physical inspection process. The users want to be able to have multiple browser windows open and enter data from multiple inspections concurrently. At first I was using cookie based sessions, and obviously this blew up.I switched to using cookie-less sessions, which stores the session in the URL and in testing this seemed to resolve the problem. Each browser window/tab had a different session ID, and data entered in one did not clobber data entered in the other.
However my users are more efficient at breaking things than I expected and it seems that they're still managing to get the same session between browsers sometimes. I think that they're copying/pasting the address from one tab to the other in order to open the application, but I haven't been able to verify this yet (they're at another location so I can't easily ask them).Other than telling them don't copy and paste, or convince them to only enter one at a time, how can I prevent this situation from occurring?
View 5 Replies
Similar Messages:
Mar 6, 2013
Preventing user to open duplicate web application,while it is running .....
View 1 Replies
Jan 27, 2010
I have a page where I display ASP.NET charts. There are two types of charts and I felt the need to separate them to some extent which I did by using a submenu which looks like this:
Charts > Goals Charts
> Reconciliation Charts
Clicking on either of the two chart links will take you to the same Charts.aspx page, but with the query string "Goals" or "Reconciliation" respectively. On the page load of the Charts.aspx page, I receive the query string into a session variable and create the correct charts based on that value. All of this works fine.
The problem I'm experiencing occurs when I open up a new tab in IE/Firefox. Here is the series of events I'm experiencing:
- In the original tab, I will click on the "Goals Charts" hyperlink which loads the Charts.aspx page with "Goals" as the charts type session value. The other controls on the page needed to produce "Goals" charts (eg. drop down lists, etc) are displayed correctly ie. the "Goals" version. At this point, I haven't done anything in this tab except for loading the Charts.aspx page from the "Goals Charts" link.
- In the original tab, I right click the "Reconciliation Charts" link and opt to open in a new tab (I just tested and the same thing appears to be working if you opt to open in a new window as well). When the new tab loads the Charts.aspx page, it loads with the query string "Reconciliation" which it stores in the session variable. So at this point I would expect to have two different, independent tabs: the original tab on the "Goals Charts" track and the second tab on the "Reconciliation Charts" track.
- This is where the problem occurs. I would expect the original tab/window to create a "Goals" chart when I make a selection using the other controls and I would expect the second tab/window to create a "Reconciliation" chart. The problem, however, is that when I go back to the original tab/window - the one which should be a "Goals" chart and which should have "Goals" stored in the session value - when I proceed to create a chart, it's a Reconciliation chart that is created.
Somehow, even though I'm in a different tab or window and I am navigating the site seemingly independently of the other tab/window, it seems to be carrying the most recently populated value from the session variable for both tabs/windows.
View 5 Replies
Mar 5, 2013
How to prevent multiple browser windows opening in asp.net ...
View 1 Replies
Aug 5, 2010
I have been spending a better part of a week trying to track down why I am not able to clear all session variables in a web app (vs 2010, vb.net). What I have tracked it down to is that when I remove or abandon sessions that my html pages or codebehind access, it works, but for some reason in any of my class files where I use "Public Shared strConnection as String = HttpContext.Current.Session("strConnection").ToString" to access a session variable, it finds the old one and not the current one. I have to wait for it to time out, go in again, and it will find the new one.
I do not use Linq, and there is only one place in the whole web app that I place the connection string in a variable whcih is when a person logs in. It points them to the correct database. The sqlconnection is set for all of my listviews in Page_Init to make sure that they aren't using any session variable that they create on their own. Interestingly enough that if I use debug to go in each time, exit debug, enter debug again trying to access a different database, it works correct each time. I assume that debug is correctly killing the session variable for the classes for me.
View 4 Replies
Mar 22, 2011
how to prevent the two session on a single browser ie: first i opening a site on mozilla then login after logged in . I am opening a new table with the same url login using different user after that suppose there is one link called view my profile on user home page if if click the link on first tab browser, it showing the user details on second tab browser user details ie: previous session.how to prevent or avoid this ?
View 6 Replies
Jul 10, 2010
So its a ASP.NET problem where two users using the same machine, same browser:
User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!
This is caused by the following mechanism:
Different tabs in the same browser seems to share the same session id.
We are storing user auth in cookie and the cookie is shared between tabs (same domain)
Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.
So I'm wondering if there's any other methods to prevent this from happening, other than:
1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.
View 3 Replies
Jan 14, 2010
I managed to user to perform multiple log on from other IE window session in my web application if the same log on is currently being used.Unfortunately I have problem to control multiple log on if the user is logging in using tab browsing in the same session. I know this is due to the same session Id but is there any way to trace down to the tab level within the same session?
View 2 Replies
May 13, 2010
I'm storing some value in an asp.net session on the first page. On the next page, this session value is being read. However if multiple tabs are opened and there are multiple page 1->page 2 navigation going on, the value stored in session gets mixed up since the session is shared between the browser tabs.I'm wondering what are the options around this :Query String: Passing value between the pages using query string, I don't want to take this approach since there can be multiple anchor tags on page 1 linking to page 2 and I can not rewrite the URLs of each tag since they are dynamic.Cookies??? In-memory cookies are shared across browser tabs too, same as the session cookie, rite ?
View 5 Replies
May 26, 2010
I am sorry if this is been discussed earlier. I am having a problem maintaining the session when someone uses the same browser with multiple tab, the results gets messed up. A perfect example would be, [URL] if you open IE (or any other browser) and open two tabs and search for two different air travel itinerary and the results will completely overlapped (real mess). I know the cause for this problem (both tabs uses the same session). I would appreciate if somebody have any solution for this. I am using ASP.NET 3.5/VS 2008/VB.NETI will not be able to use Viewstate since I use a master page and pre-init event where view state is not available.
View 2 Replies
May 3, 2010
While working with mutliple tabs of same browser, session varibles/object gets over written with latest one.
Scenario in my application:
I have to create new employee on first tab(tab #1), and updating existing employee details on second tab(tab #2).I stored employee other details in Session["dtInfo"], use it on saving the record.Now Session["dtInfo"] having details of latest tab created, i.e. tab #2. I tried to save record on tab #1, facing the problem of session gets over written.I had to check some vaules on OnInit and OnInitComplete event. But I get here wrong values in session.
View 3 Replies
May 2, 2010
I'd like to stop IE8 from sharing my sessions in one of two ways (or both if possible):
Through configuring the browser to always do this (so I can force my users to configure their browsers in this way). Through code in my web application.
View 1 Replies
Apr 23, 2010
I have an asp.net application and webservices (asmx) that reside in the same application but not in the same folder of the aspx files. I aslo have a winform application that uses the webservices. I have marked the webservice methods with [WebMethod(EnableSession = true)] but I am not able to share the same session values that are on the application in the webservices. The winform application has access to the sessionID from the application and I am using the following code
Uri uri = new Uri(ServerServiceUrl);
_cookieContainer = new CookieContainer();
_cookieContainer.Add(new Cookie("ASP.NET_SessionId", SessionID, "/", uri.Host));
My question is: Is there something that I am missing or doing wrong that I cannot access the application sessioin from the webservices?
View 2 Replies
Aug 13, 2010
I have a website A which has a link to website B which is currently opening in a different window. When clicked on a link to, the login for B is automatically taken care of as both the websites have same user login credentials.
Now a change in the system has made me embed website B into website A. ie., B will open in the same window of A.. I could achieve this using an IFrame. Now, the session from site A needs to be carried out to site B. Presently, when navigated from A to B, all the sessions on A expire. Once navigated to B the session time out of B from the webconfig is taken. I have used "InProc" as my state management option in web config. Is it possible to maintain single session for both the webistes? If not how to continue same session times for both webistes? I do not want to use "SQL server" state mode.
View 4 Replies
Oct 18, 2010
I would like to share the session variables between 2 applications. basically I have a website and in there I have 2 applications and want to share the session object betwen the two. Is there a way to set something in web.config to enable this?
View 2 Replies
Jun 3, 2010
i want to maintain session data between two applications or domains [URL]. I have read on net about this, but many people pointing many different ways to do it, with people commenting +ve and -ve responses to all. Plus many are just providing theoretical answer, do this and that ,but no code at all. are these steps all that is required?
1) in web.config: <httpCookies domain=".[URL]"/>
2) store session data in sql DB as:(after preparing the db for storing sessions)
<sessionState mode="SQLServer" sqlConnectionString="Data Source=YourServer;
Integrated Security=True;database=MySessionDB" sqlCommandTimeout="30"
allowCustomSqlDatabase="true"/>
<machineKey decryption="AES" validation="SHA1" decryptionKey="..." validationKey="..." />
3)Am confused about this one: i want to set the domain for the session cookie like this
Response.Cookies["ASP.NET_SessionId"].Domain = ".[URL]";
But where should this code be written?
this entry: [URL]says: use System.Web.SessionState.SessionIDManager as a base class but the SaveSessionID method is not virtual so cannot be overridden. Options are: either explicitly re-implement the interface method or decorate SessionIDManager class and after calling SessionIDManager.SaveSessionID set Response.Cookies[SessionIdCookieName].Domain to our domain.
Only if the author had provided real code, step 3 would have been clear. Plus all this 3 steps enough to share session among the domains?
View 1 Replies
Jan 19, 2011
I have a .net webapplication with the following domains:
www.domain.com
sub.domain.com
files.domain.com
When a user is logged on to domain.com or sub.domain.com, I'd like them to share session state (i.e. be logged into both domains at once). This is possible to do by setting the domain on the session coookie to be ".domain.com". However, my problem is that the domain "files.domain.com" should not have session state due to security issues (xss attacks from user-made files hosted on that domain is an issue).
Is it possible in ASP.NET to use the same asp.net session id for these two domains, but not the third one?
View 5 Replies
Feb 3, 2011
After doing some research, I found that <sessionState> can be hosted in SQL Server allowing applications to read from the same source. Essentially my app has two sides: a WCF library and an ASP.NET MVC 3 web site, the WCF has authentication and other DB IO methods and the MVC does the display. Now, the MVC stores a value in the session and then the WCF reads it and creates another for the MVC to read later. Problem is, neither can read each others session data, they can write to the same repository but can't share.
How do I go about them sharing the same information? How can I tell <sessionState> that the session started on the MVC side is the same as the WCF side and viceversa? I've tried
View 6 Replies
Jul 14, 2010
i have two solutions, 1. user management and 2. travel management. i publish the user management solution to [URL] and i publish the travel management to [URL] here i face the problem. the default home page would be [URL], its a windows authentication in page load, i capture the username, pass it to procedure which will fetch me his credentials on access. i store these in a session.
in the home page i have link to navigate to travel page, when i try to access the sessions in travel page, its empty. i tried printing the session id in both user management and travel, both are same but the sessions created in user management are empty in travel. what would be problem here and how can i resolve this.
View 2 Replies
Mar 22, 2010
I am trying to fix an ASP.NET site that a friend had botched converting from older technologies. To the user, the site appears to have public and secured sections. Behind the scenes, the public and private sites are separate web applications with separate app pools. The difficulty arises because it appears that the applications share the same session IDs (when going from the public to the secured pages, the session ID remains the same), yet none of the (InProc) session variables are getting passed from the public site to the private one. Basically, the workflow consists of the user checking a checkbox ("I agree" type of stuff) on the public site (let's call that page http://www.boring.gov/iAgree.aspx), then logging in on the secured site (let's call that page https://www.boring.gov/login.aspx). The commandments from the parent agency in DC are that the user may not bookmark the login page, the user has to click "I agree" every time they log in, and that the "I agree" stuff has to be on a separate page. What am I missing? How would you do it? Notes:dows 2003 server.2 - Yes, it is a government agency.3 - I would have done things very differently if I was doing the conversion, but I wasn't brought in until the poop hit the fan, and it is too late to redo things.4 - Two previous SO threads that appear to be related, yet don't apply are this and that
View 4 Replies
Mar 11, 2011
We have about 50 web-sites, running in different application pools, that read from a common cache database (using Microsoft Enterprise Library Caching application block). We currently have a console application which populates the cache at 3AM every morning. However, we want to get rid of this application and get the cache to automatically refresh expired items, using the ICacheItemRefreshAction interface.
We were going to create our cache object in the Global.asax of each of the 50 web-sites. However, my concern is that if we set a cache-expiration policy in Global.asax, that each of the 50 web-sites will trigger a refresh action, causing the data to be re-cached 50 times. We don't want only 1 web-site to set the expiration policies, as then the 49 other web-sites will have a dependency on that 1 web-site, and that's an architecture no-no.
View 2 Replies
Jul 14, 2010
I have 2 applications App1 and App2 on same domain, both with Forms authentication, each using a different database instance for authentication.
First, I open a browser with application www.mydomain.com/App1 and log on.
After that, when I open another instance of the same browser with application www.mydomain.com/App2 and log on, first browser loses session and goes back to login page.
I need each application on same domain to have its own session so that both can stay logged on.
View 2 Replies
Jun 25, 2010
I'm implementing the session sharing structure from this link for an ASP classic site to begin the gradual conversion process to ASP.NET. I'm trying to extend the cookie expiration time so that users do not get signed out of the site when the session expires. At the place where the cookie is created in SessionPage.cs I've added the line in the CreateNewSessionCookie() method: cookie.Expires = DateTime.Now.AddDays(14);
Now this works fine, however, it only works if the user first visits an ASP.NET page, and then visits the ASP classic pages. It doesn't work if visiting an ASP classic page first (looking at the cookie through firefox confirms that different expiration values are given based on if I visit an ASP or ASP.NET page first.) I'm still a bit fuzzy on the mechanics behind this implementation as I don't have a complete understanding of session and cookie handling. However, I would have thought that the VB6 SessionMgr object is calling the SessionUtility DLL, and thus is using the same code to issue the cookie. I have re-registered the SessionUtility using gacutil, and re-exposed it using regasm. How else is the cookie being issued when a user accesses an ASP classic page? How can I change the expiration time?
View 1 Replies
Apr 7, 2010
Is it better for a collection of ASP.NET web apps to share the same session database, or should each one have its own? If there is no significant difference, having a single database would be preferable due to easier maintenance. Background My team has an assortment of ASP.NET web apps, all written in either Monorail 1.1 or ASP.NET MVC 1.0. Each app currently uses a dedicated session state database. I'm working on adding a new site to that list, and am debating whether I should create another new session database, or just share an existing one with another app.
View 1 Replies
May 5, 2010
I am trying to add multiple CSS files across several projects and have added them as a "link" but when I build my solution it does not copy the files. Is there any way to share a bunch of CSS files across several projects?
View 7 Replies
