I have two sites desigined on ASP.net MVC 2 pattern. I want to redirect from one site to another with the help of Redirect(url) action result. My problem is that I am able to redirect to other site but my session gets lost. Is there any way by which I can retain the session value? My constraints are I cannot use the sql membership provider, cookies and querystrings
View 19 RepliesI need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
I have the following code in my global.asax, but id did not get redirecet to the timeout.aspx in 1 min
[Code]....
Am doing wepsite for show images from local drive using asp.net.am using session object for Transfer image path from first page to second page its running nice in vs 2003 .but i converted this website to vs 2005.but session value does't pass to next page.i got null value in session object. am using inproc session mode
View 3 RepliesGiven this Global.asax.cs:
using System;
using System.Web;
namespace Foo.Web {
[code]....
User hits webapp and is shown Introduction.aspx
User continues using webapp for a few minutes (ASP.NET_SessionId: ublbhu45ji31e055ywqu0555)
User falls idle (doesn't perform any postbacks) for a few minutes
User performs postback
User is shown Introduction.aspx
Second inspection of user's ASP.NET_SessionId cookie still shows ublbhu45ji31e055ywqu0555
Why is the user shown Introduction.apsx the second time inside the same ASP.NET Session? I'm familiar w/ the risk in setting session variables just before a redirect in the same postback, but that doesn't apply here, right?
I do not know why, but every time I add a ModelErrror my session is lost. Someone tell me how I can work around / fix it?
Session[CtSessionName + SessionId] = _ListaAcaoMenuInfo;
AcaoMenuInfoExt _SelecionadoAcaoMenuExt = _ListaAcaoMenuInfo.Where(p => p.Id_acao == id).FirstOrDefault();
if (_SelecionadoAcaoMenuExt.Is_AcaoInicial)
{
ModelState.AddModelError(String.Empty, "Error! Try Again, and Again, And Again!");
}
I created asp.net application on alumni information database.After logged in it redirects to page i wish but the problem is the page i am redirected is not holding the user logged information. it just simply showing as annonymus user.
View 5 RepliesI have logged in to the application and naviagate to Resource Editor page where it allows user to enter the value and saves to the resource file of the application.
After user clicks save button and navigate to different page the session value becomes null.
If the user navigate to different page without clicking save the session variable has its value
In my app. I redirect user from one domain to another and I need to preserve the session object while redirecting between domains.
I need to be able to read session key/value that is created under different domain, for example -
While in domain A.com:
create session variable - session("myASPString") = "Test string"
redirecting to domain B.com
While in domain B.com:
dim k as string = session("myASPString")
right now k = Nothing...
How can I preserve the session object between different domains ?
I have session variable that is created in EditPlaylist.aspx. Edit.aspx is loading EditPlaylist.aspx in an iframe. when loading sessions from EditPlaylist.aspx page they are null. the session was not before I added the EditPlaylist.aspx to an iFrame. Is there a workaround for this?
View 1 RepliesI'm learning asp.net mvc 2, it's very excting with me.
I has built a small MVC2 application, it is working fine in built it ASP.net Development Server. However, there're something wrong when have it deployed in IIS 7.5, Window Server 2008 R2 Enterprise. Session is awlays null when I access the application by IE and use hostname to specify the url.
Using IE (IE 7 or IE8) to access my application with link [URL] every working fine
But when I use IE (IE 7 or IE8) to access my application with link [URL] session always null
I'm supprised while FireFox working fine in all cases, both of built in ASP.net Development Server and IIS server, both cases hostname and ip and localhost.
i'm using session variables for send variables between aspx page and it works fine ...but after some time of inctivity(user) in the page the sessions is los...how can i resolve this issue ? this is my code below how to send session :
protected void Lst_Interv(object sender, EventArgs e)
{
Session["Id"] = gdMedical.SelectedRow.Cells[0].Text.Trim();
Session["Service"] = gdMedical.SelectedRow.Cells[6].Text.Trim();
Session["Nom"] = gdMedical.SelectedRow.Cells[2].Text.Trim();
string pageurl = "LstIntervention.aspx";
Response.Write("<script> window.open('" + pageurl + "','_blank'); </script>");
}
I had a .net 4.0 vb.net page that was setting session variable and setting a hidden form value to the same value. It was a paypal buy now button. When the user selects it, they are sent to paypal for payment. If the transaction is good, they are redirected back to another page on my site and a hidden value is sent back with the invoice I originally sent them. They are sending the form value, but my session variable does not available.
From the user point of view it's all seamless.. Is it the same session? And should my session variable be available?
my web app doesn't use authorization in web.config, but i want to detect when a session has expired and redirect to the home page.I have searched and found solutions that rely on the web app using authorization. Other solutions have implemented a user control to drop in every page.Obviosly i don't want to manually check for null on every session variable on every event of the web app, so i want the app to do it automatically.
<sessionState timeout="120"></sessionState>
<authentication mode="Forms">
<forms name="myappCookie" loginUrl="~/index.aspx" timeout="120"/>
</authentication>
doesn't work for me since i don't have allow or deny settings, since my app doesn't need authentication.
I'm creating a site. Below is my authentication tag and session tag in web.config
<authentication mode="Forms">
<forms protection="All" loginUrl="Pages/Log In/Login.aspx" name=".ASPXFORMSAUTH" cookieless="UseCookies" requireSSL="false"
defaultUrl="Pages/Common/Default.aspx" enableCrossAppRedirects="false" slidingExpiration="true" timeout="30"path="/">
</forms>
</authentication>
<sessionState mode="InProc" timeout="30" cookieless="false" cookieName=".ASPSession"/>
And I have a custom Membership Providor....
<membership defaultProvider="SqlMemberShipProvider" userIsOnlineTimeWindow="15" hashAlgorithmType="">
<providers>
<clear/>
<add
name="SqlMemberShipProvider"
type="RoalManagement.SqlMemberShipProvider"
connectionStringName="SqlServices"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
writeExceptionsToEventLog="true"
applicationName="OnlineOnTheWeb"
minRequiredPasswordLength="6"
passwordStrengthRegularExpression="^.*(?=.{6,50})(?=.*[a-z])(?=.*[A-Z])(?=.*[dW]).*$"
maxInvalidPasswordAttempts="3"
requiresUniqueEmail="true"
/>
</providers>
</membership>
Now in login page after firsttime login i set some session data... like
protected void Login_LoggedIn(object sender, EventArgs e)
{
//.....
Session["EMPLOYEELOGGEDIN"] = "Y";
//.....
}
Now say i close the browser... and next time when i open the site it takes me directly to the default page [Login_LoggedIn is not called accordingly]... because i'm already logged in for 30 mins acc. to configuration. but as my session id gets changed i can't access Session["EMPLOYEELOGGEDIN"] from any page in this time. It always returns null. But how do i get back the previous session for that person?
I'm evaluating using Ajax in a new project and so I've developed a simple web page to test a few things, however even the simplest task seems to cause my session to be cleared. I am using VS2008 with .Net 3.5 SP1 and the page is in my existing solution which has several custom handlers and modules in the web.config. Below is the code I'm using, it's a simple test which puts a variable into the session then on the buttons postback tries to get the same variable, however it always fails as the session is blank.
The Default.aspx code snippet
<form id="form1" runat="server">
<asp:ScriptManager ID="ScriptManager1" runat="server" /> [code]....
I have an asp.net login page, which when initialized sets some session variables. When the user clicks login, an AJAX request is made which validates the user and sets additional session variables and returns a result to the client. The client is then redirected based on the login result. In the redirected page, I can access the session variables set when the login page was initialized (i.e. before the login) but none are present for those set during the login validation (part of an ajax call).
is this expected behaviour? Why would an ajax call generate a new session and thus cause the data to be lost?
I am setting a Session variable in an HttpHandler, and then getting its value in the Page_load event of an ASPX page. I'm setting it using
public void ProcessRequest(HttpContext context)
{
HttpPostedFile file = context.Request.Files["Filedata"];
context.Session["WorkingImage"] = file.FileName;
}
(And before someone suggests that I check the validity of file.FileName, this same problem occurs if I hard-code a test string in there.) It's working just fine in IE, but in Firefox the Session Variable is not found, getting the "Object reference not set to an instance of an object" error in the following code:
protected void Page_Load(object sender, EventArgs e)
{
string loc = Session["WorkingImage"].ToString();
}
Has anyone encountered this problem - and hopefully come up with a means for passing the session variable?
I created HttpHandler class in ASP.NET and configured a website to handle any request with the *.test path.
public class GameHandler : IHttpHandler, IRequiresSessionState
{
public bool IsReusable
{
get
{
return false;
[Code]....
I suspect the problem is that ASP.NET doesn't know these requests sent from javascript belong to the same session and that's why the Session values are lost.
I have this code in the end of link button click:
Response.ContentType = "application/zip";
Response.AppendHeader("content-disposition", "attachment; filename=download.zip");
Response.TransmitFile(Server.MapPath("download.zip"));
Response.End();
Response.Flush();
to download a zip file from an aspx page.In the previous page i set a session variable, after going to this download page and download the file, then press back i find the session=null "this happen after downloading more than 1 time", and the application_end in global.ascx called. Do you know why this may happen??Note: this is happening on all browsers, on IIS7 both local and on my server.
I've got an ASP.NET MVC app running under IIS7. It's using the default in-proc session management, which, according to all that I read, should lose the users' session after an app pool recycle.It doesn't seem to be losing it though. Even an IIS reset doesn't lose the session.Has something changed in IIS7 that keeps the session alive?
View 1 RepliesI am developing an application using Visual Studio 2010 and SQLServer 2008. My application has two pages and the first page contains a GridView with all the records "User Administration" and when user click on any Username (template field ->linkbutton) I read the USERID like this.
Session["UserID"] = e.commandArgument;
Response.Redirect("UserOperations.aspx");
which takes it to the Data Entry page where user updates the information and save the data.
The problem i am facing is that when I hit the browser REFRESH button couple of times the session variables looses the value which is trouble for me as I am using Session Variables for different purposes.
I have an ASP.NET 2.0 site that stores a user's ID in session to indicate that they are logged in. In some situations, the user doesn't appear to stay logged in. I've been monitoring traffic in Fiddler, and some details I've found: The problem is 100% repeatable on an older laptop of mine when running IE7 and the project manager's laptop when running IE7. The problem does not ever occur on my current laptop running IE7, or any of these laptops when running FF. The problem occurs only in production--not on development, internal staging, or client staging. Production is the only load balanced environment, but the repeatability noted above makes me question load balancing as a factor.
When the page which sets Session("ID") = 1 sends a response back to the client, I can see a "Set-Cookie" header in all cases, which is creating the ASP.Net_Session_Id cookie (and it's HttpOnly). Subsequent requests to the server will send that cookie in the header on machines which are not exhibiting the problem, but not on machines that are, so either the cookie is getting deleted or the "Set-Cookie" header is being ignored.
The way logging in works is as follows: a page on [URL] has an iframe. The source of that iframe is a page on [URL]. A variety of pages served from [URL] take the user through the login/register process. The final step of [URL] is to redirect to a page back on [URL], including the user's ID in the querystring. This page on [URL] typically stores the ID in session, and then runs some JS to redirect the top level document to a new page, thus taking the user out of the iframe. This is a process that has worked for several years, with several values of [URL]. The one thing that may be different here is that in this case, the JS is simply destroying the iframe and some containing div's.
Another difference I see between scenarios where the problem occurs and where it doesn't is in the Google Analytics cookies. There is a difference when [URL] does its redirect to [URL] inside the iframe. When the problem does not occur, the request for SaveTheID.aspx includes a variety of Google Analytics cookies (__utma, __utmz, etc). When the problem does occur, this request does not include all the GA cookies (it's missing __utma, __utmz and __utmb). Production is the only environment where [URL] runs under SSL, so I thought that may be related. But we temporarily set up our staging copy of [URL] to use SSL, and that had no effect.
I am using Session ID Manager in all the pages of the website, but I am losing session variables in between the pages. what should I do to save the values of session variables.
Anoop
I have session variable that is created in EditPlaylist.aspx. Edit.aspx is loading EditPlaylist.aspx in an iframe.
[Code]....