Reputation: 93286
Need to change the session ID before the session is loaded
I'm trying to use the built-in .NET session handling to share sessions across multiple ASP.NET applications. I can't use a custom session implementation.
- I have multiple web servers, each with its own hostname, configured to point to the same codebase
- I'm using a HttpModule that manually sets the application name, so as long as requests to different servers have the same session ID, they'll end up using the same session data
Now I need to be able to set the session ID before the session is loaded the first time - I can set it up to change the cookie and redirect on the first load, but I'd really prefer to do it without the redirect.
ETA: We're already using the MS Session State Server to handle session sharing between servers in a pool. This question is specifically about sharing sessions across applications - that is, the application at http://www.example.com and http://shopping.example.com need to be able to share the same session data.
Upvotes: 2
Views: 440
Answers (3)
Reputation: 3814
You need to implement a custom SessionIDManager and put it on the web.config.
Example:
public class CustomSessionIDManager : ISessionIDManager
{
private readonly SessionIDManager _sessionIDManager;
public CustomSessionIDManager()
{
_sessionIDManager = new SessionIDManager();
}
public string CreateSessionID(HttpContext context)
{
return _sessionIDManager.CreateSessionID(context);
}
public string GetSessionID(HttpContext context)
{
// PUT YOUR CUSTOM LOGIC HERE
return _sessionIDManager.GetSessionID(context);
}
public void Initialize()
{
_sessionIDManager.Initialize();
}
public bool InitializeRequest(HttpContext context, bool suppressAutoDetectRedirect, out bool supportSessionIDReissue)
{
return _sessionIDManager.InitializeRequest(context, suppressAutoDetectRedirect, out supportSessionIDReissue);
}
public void RemoveSessionID(HttpContext context)
{
_sessionIDManager.RemoveSessionID(context);
}
public void SaveSessionID(HttpContext context, string id, out bool redirected, out bool cookieAdded)
{
_sessionIDManager.SaveSessionID(context, id, out redirected, out cookieAdded);
}
public bool Validate(string id)
{
return _sessionIDManager.Validate(id);
}
}```
- Put it on the `web.config`:
<system.web>
<sessionState sessionIDManagerType="CustomSessionIDManager" />
</system.web>
Upvotes: 0
Reputation: 28897
Microsoft says it moved to an out-of-process model for ASP.NET Sessions, allowing support for sharing of session state from a storage location and to share it in server farms.
Support for server farm configurations. By moving to an out-of-process model, ASP.NET also solves the server farm problem. The new out-of-process model allows all servers in the farm to share a session state process. You can implement this by changing the ASP.NET configuration to point to a common server.
Windows State Server Session Store
You can use the StateServer setting...
<configuration>
<system.web>
<sessionState mode="StateServer"
stateConnectionString="tcpip=SampleStateServer:42424"
cookieless="false"
timeout="20"/>
</system.web>
</configuration>
StateServer mode, which stores session state in a separate process called the ASP.NET state service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm
SQL Server Session Store
If you have a backing SQL Server database, you can choose SQLServer mode
SQLServer mode stores session state in a SQL Server database. Using this mode ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
<configuration>
<system.web>
<sessionState mode="SQLServer"
sqlConnectionString="Integrated Security=SSPI;data
source=SampleSqlServer;" />
</system.web>
</configuration>
There are other options too. This MSDN article contains pointers about how to further set up such choices...
Upvotes: 1
Reputation: 56409
Perhaps you should consider a different approach. Store whatever data you need to share in a database to which all of your ASP.NET apps have access.
Session should not be shared across different applications.
Upvotes: 0
Related Questions
- Generating new SessionId in ASP.NET
- how to change session id after login in asp.net
- How to Generate a new Session ID
- Regenerate SessionID in ASP.NET
- How to change sessionid after login in .NET?
- Generating a new SessionID on Login (ASP.NET)
- session id changing in mvc3
- C# MVC Application - Change Session ID without losing session data
- ASP.NET session ID value
- Changing SessionID Dynamically in C# ASP.NET