Reputation: 31847
Azure: Is the HttpContext.Current.Session object shared by all WebRole instances?
I'm testing a WebRole with multiples instances in Windows Azure to test the load balancer. The code that I have to authenticate users is the following:
protected void Application_AcquireRequestState(Object sender, EventArgs e)
{
HttpCookie authCookie =
HttpContext.Current.Request.Cookies
[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
FormsAuthenticationTicket authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
SetUserCredentials(authTicket.Name, authTicket.UserData);
}
}
private void SetUserCredentials(string userName, string securityConfig)
{
Credentials auth = GetSessionCredentials();
if (auth == null && HttpContext.Current.Session != null)
{
log.DebugFormat("Credentials not available in session variable. Building credentials to __SessionSID.");
SID sid =
AuthenticationHelper.Get().
GetAuthenticatedSIDFromName(userName, securityConfig);
if (sid == null)
{
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
return;
}
auth = new Credentials(sid);
if (HttpContext.Current.Session != null)
{
log.DebugFormat("Saving credentials in a session variable");
HttpContext.Current.Session.Add("__SessionSID", auth);
}
}
log.DebugFormat("Time setting user credentials for user: {0} {1}ms", userName, Environment.TickCount - ini);
}
private Credentials GetSessionCredentials()
{
if (HttpContext.Current == null)
return null;
if (HttpContext.Current.Session == null)
return null;
return HttpContext.Current.Session["__SessionSID"] as Credentials;
}
Here are my questions. I tested the WebRole with two instances in Azure:
- Suppose I login and the WebRole instance A, performs the authentication.
- When I make a new requests, and the request goes to the WebRole instance B, the authTicket in the
Current.Request.Cookiesand theHttpContext.Current.Session["__SessionSID"]were ok.
Someone could explain it? I the session shared among all the WebRole instances?
Upvotes: 1
Views: 2043
Answers (1)
Reputation: 49095
It all falls down to the Session State Provider configuration.
Typically you would have to implement custom provider (that would usually be Windows Azure Cache or SQL Azure) to allow persisted session data across multiple instances.
http://msdn.microsoft.com/en-us/library/windowsazure/gg185668.aspx
Once logged in (no matter on which instance) you're receiving a cookie with a SessionID in it.
Further requests to any instance will cause the application to request your session data from the configured provider.
Upvotes: 2
Related Questions
- Is it possible to access HttpContext.Current.Session from Web API
- Does static reference to HttpContext.Current.Session return same session for all users?
- Is HttpContext.Current.Session shared between worker processes?
- Can HttpClient share same the HttpContext.Current.Session.SessionID as its host?
- How does Session work in Azure
- Multiple webRole instances at Azure and session state
- Is HttpContext.Current.User Safe for Stateless Session?
- C# - WebForms - Can HttpContext.Current.SessionID be duplicated?
- HttpContext.Current.Session is Confused in Asp.net MVC 3.0
- ASP.net session is shared by default?