State Management :: New SessionID For Each Request In IE ?
Jul 8, 2010
I have ASP page that host an ASP.NET page in iframe. When I test this in FireFox all work ok but when I use IE the ASP.NET page is creating a new sessionID for each request. it only work if I change the IE Privacy settings allow session cookies .
I have an ASP.NET page that has a wizard control. I need to see if the same user is working on the page so I first time I insert a record and next time I update database records. I am using Session.SessionID to check if the same user is working on the page, but on every postback, SessionID gives a unique string and always the "insert" construct executes.
What is the best way to check the same user is working back and forth on the same page. User is not logged in, its an open form on the page.
I'd like that when a user logoff or his session expires, tha SessionID is no longer valid.
I've found the way to do it when the user logoff, simply doing:
[Code]....
But I don't know how to do it when the session has expired. Apparently, if the session has expired and the browser tries again to connect, the same SessionID will be recycled, and I want the server issues a new one, how can I do it?
I'm storing the session IDs of the logged-in users in a database, so I need to kill some sessions using the session Ids stored in the database, but unfortuently I'm not able to get any session using the seesion ID so that I can kill it.
Normally, when my server gets an invalid sessionID on the url it rewrites it. However (several?) search engine(s) are sending requests to my server with a lower case in the session number, where there is normally an upper case S. So for example
(s(vou3fq454gk3fbrncrmk1bmj)) will not just rewrite the sessionID and keep going, but
(S(vou3fq454gk3fbrncrmk1bmj)) WILL rewrite the sessionID and keep going without an error.
This is filling up my database and making it hard for me to use it effectively, plus, I would just like it to work.
Is there any way for it is not care if that first '(s(' is lower case? Or is there a way for IIS to cope with this in an efficient manner?
I hav a problem where I wanted to share session state between main page and subdomain page (example between [URL]. Naturally, in this case, the webserver will give me a different session id because the session id is bound to the domain.
But how can i override the sessionid of my main page when I come back to it?
I have my Web site set up to use SQL Server session state. This works fine. When a session starts, a row is created in ASPStateTempSessions.
When the user logs off the application, I am trying to call the stored procedure TempRemoveStateItem to clean up after myself (not sure if this is the right way to do it or not).
What I noticed is that the SQL table's SessionID column contains 32 characters whereas the .NET Session.SessionID value only contains 24 characters (which match the first 24 characters of the 32 characters stored in the SQL table). Because the values do not match, the stored procedure always fails.
Why would the SessionID value differ between .NET and SQL?
Customer were getting "View State Validation Error" due to worker process recycling at our production webserver and to fix that i applied machinekey and then move my Session state Mode from In Proc to State Server to retain session data and not kick out the customer to relogin. I had serialization issue with one object which has to be stored in session but when i moved it out of session i could able to resolve the issue.
But doing all these i was partly successfull in keeping the user in their session when Worker Process recycle event occurs.I was able to refresh the page or make a post back by clicking the refresh button and also able to retain the session values. But the Problem occurs when sending asynchronous request to server which we do periodically every 15 minutes from the moment the user logs in.The web page doesnot update data on website when sending asynchronous request.By Debugging I found at this particular code point it fails to make a postback which is required.
<%=GetHintFromServer%> (When there is no Worker Process recycle i t gets replaced by WebForm_DoCallback('__Page',message,ShowHint,null,null,false) on postback) Everything works fine when there is no Worker Process Recyling but when it happens looks like sending request asynchronously using javascript fails .Remember When I make a post back by manually clicking submit button everything works fine.
My app has broken after upgrading to ASP.NET 2.0. The problem is that Request.QueryString is empty when the SelectedIndexChanged event of a IE Web Controls tab strip is fired. It worked perfectly in ASP.NET 1. I have the tab strip contained within my own UserControl.
These are not a kind of Sesison Or QueryString so what are them for ? I can get key names and values via Request.Form.Keys and Request.Form[i] but is it another kind of passing values something like session or querystring (post and get) so what is Keys ? Post or Get values? or another type of variable handling? can some friend explain this is useful for what ? what is the obvious difference Keys against QueryString and Session ? are they cookies or what ?
I'd like to be able to reference the asp.net objects Session, Request, from a procedure without passing them in as parameters all the time. Is there a way to do this. For example, now I have
[Code]....
I'd like to call it like this "ContextPT.GetSession()" and have GetSession know how to find the Session object. I know this does not seem like a big deal in this case, but I have reasons.
I have a .NET 3.5 web application that uses SQL Server for its session state store. To improve scalability I wrote a class that implements IPartitionResolver that figures out which instance of SQL Server to use for a users session. All of this works great and just as expected.
However, when I was debugging one day I set a breakpoint at the bottom of the ResolvePartition method to make sure the correct connection string was being returned. To my surprise this breakpoint was hit many (~5-10) times per request! The same is true about breakpoints in the IPartitionResolver.Initialize method.
Does anyone know why this is? It seems to me that you would only need to call these methods once per request. It's not like the users session is going to move to a different instance of SQL Server mid request.
I have noticed that when I have a session that has expired, the Session_OnStart event fires with every new request.
I suppose that this behavior is not normal, because I was expecting that the session would re-start only with the first request and not with every subsequent request.
This behavior occurs only with sessions where the timeout period has been exceded.
The current conditions under which I have experienced this problem are:
I have experienced this problem with an application that is using the .NET 2.0 framework and with a session mode configured to InProc. This problem is happening both on Windows XP SP3 and Windows 2003 Server.
i make a web site using frame but session is expire message is
Object reference not set to an instance of an object Description: HTTP 500. Error processing request.
Stack Trace:
System.NullReferenceException: Object reference not set to an instance of an object at System.Web.UI.Control.OnLoad (System.EventArgs e) [0x00000] in <filename unknown>:0 at System.Web.UI.Control.LoadRecursive () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessLoad () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessPostData () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.InternalProcessRequest () [0x00000] in <filename unknown>:0 at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x00000] in <filename unknown>:0 My Web Config file is<configuration> <!-- store the database connection info here --> <appSettings> <add key="sBook_StoreDBConnectionString" value="Provider=Microsoft.Jet.OLEDB.4.0;User ID=Admin;Data Source=C:Program FilesCodeChargeExamplesBookStoreBookStore_MSAccess.mdb;Persist Security Info=False" /> </appSettings> <system.web> <httpRuntime executionTimeout="1000" maxRequestLength="2000000" /> <!-- DYNAMIC DEBUG COMPILATION Set compilation debug="true" to enable ASPX debugging. Otherwise, setting this value to false will improve runtime performance of this application. Set compilation debug="true" to insert debugging symbols (.pdb information) into the compiled page. Because this creates a larger file that executes more slowly, you should set this value to true only when debugging and to false at all other times. For more information, refer to the documentation about debugging ASP.NET files. --> <compilation defaultLanguage="c#" debug="true" /> <!-- CUSTOM ERROR MESSAGES Set mode="on" or "remoteonly" to enable custom error messages, "off" to disable. Add <error> tags for each of the errors you want to handle. --> <customErrors mode="Off"/> <!--<customErrors mode="On" defaultRedirect="Login.aspx"> <error statusCode="500" redirect="Login.aspx"/> <error statusCode="404" redirect="Login.aspx"/> <error statusCode="403" redirect="Login.aspx"/></customErrors> --> <!-- AUTHENTICATION This section sets the authentication policies of the application. Possible modes are "Windows", "Forms", "Passport" and "None" --> <authentication mode="None" /> <!-- APPLICATION-LEVEL TRACE LOGGING Application-level tracing enables trace log output for every page within an application. Set trace enabled="true" to enable application trace logging. If pageOutput="true", the trace information will be displayed at the bottom of each page. Otherwise, you can view the application trace log by browsing the "trace.axd" page from your web application root. --> <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" /> <!-- SESSION STATE SETTINGS By default ASP .NET uses cookies to identify which requests belong to a particular session. If cookies are not available, a session can be tracked by adding a session identifier to the URL. To disable cookies, set sessionState cookieless="true". --> <sessionState mode="InProc" stateConnectionString="tcpip=localhost:42424" cookieless="false" timeout="60" /> <!-- GLOBALIZATION This section sets the globalization settings of the application. --> <globalization requestEncoding="utf-8" responseEncoding="utf-8" /> </system.web> <connectionStrings> <add name="mydb" connectionString="Server=localhost;User=SYSDBA;Password=datacenter;Database=/opt/db/erp2.fdb;Min Pool Size=5;Max Pool Size=60;Connect Timeout=30" providerName="FirebirdSql.Web.Providers" /> <add name="mydb2" connectionString="Server=localhost;User=blackberry;Password=acgmkRMS;Database=/opt/db/pwd.fdb;Min Pool Size=5;Max Pool Size=60;Connect Timeout=30" providerName="FirebirdSql.Web.Providers" /> </connectionStrings></configuration>
I am doing a POC of making my website run faster. Currently it stores huge object data in Session while passing information from one page to another. What I was thinking is to use shared methods and properties instead of session. It works, but wanted tocheck if this is an optimum way to do it. Below is the code that does not use session but still pass object data from one page to another:
i have a form on page1.aspx with several controls (textbox, dropdownlist, etc).on Page1 PageLoad event i load data from database and performe databinding.From Page1 a user can, by clicking a specific button, move to Page2.aspx to insert some details and, after saving details, he returns to page1.
if save changes are made on control on page1 before save them to db, obviously, these are lost on return from page2 (because are reloaded on pageload from db).How can i save control status between pages round trip?